When you read the headlines, you might think cybercriminals only strike big companies. In fact, over 40 per cent of cybersecurity attacks are on small and medium-sized businesses.
“Cyber criminals target businesses of any size indiscriminately,” said Andrew Loschmann COO, Field Effect at a recent ITWC webinar. “They’re just looking for vulnerabilities and a capacity to pay, not who the target is. If you have money and use the Internet, then you have a cyber security issue”
ON DEMAND BRIEFING: 5 Things SMBs Must Do Following a Cyber-attack
All businesses need to invest in in cyber security because incidents are almost inevitable now, said Loschmann. “What’s not inevitable is the scope of the incident,“ he said. When organizations are prepared, they can limit the damage caused by an attack in terms of time and money. “And it doesn’t have to cost an arm and a leg to get prepared,” he added.
How to be prepared for the inevitable
To minimize the impact of an incident, businesses should take steps in three areas: technology, education and organizational planning.
On the technical side, it’s critical to have visibility into what’s happening on the network. Visibility means access to data on the networks, the endpoints and cloud systems, Loschmann explained. “If you don’t have sensors and endpoint agents, you’re going to have to scour network to figure out what happened,” he said. “This is far more difficult.” Loschmann advised participants to look for a solution that provides this visibility, supports all types of devices, and can provide insights as to why a threat is significant and what to do about it.
Education is just as important, said Allan Bonner, Crisis Communications Specialist. It’s almost impossible to over-communicate,” he said. “Use every means from emails to screensavers to remind everyone to be cautious.”
From an organizational perspective, Bonner also advised that a “HOT” or “Hour One Team” be established. This team must have a higher level of training and be ready to respond in the first hour. “After that, you may lose control, he said.
Business should consider cyber insurance, said Loschmann. Some companies will provide a price reduction for businesses that have certain measures in place to reduce risk. For this, he suggested that businesses review the Canadian Centre for Cyber Security’s Baseline Cyber Security Controls for Small and Medium Organizations, which establishes the basics a business should have in place. An insurance company may also provide incident response services and a breach coach if an attack happens.
What to do if it happens to you
If an incident occurs, the first step is to understand the scope of the situation, said Loschmann. “What do you know and what are the potential things that happened or are happening?”
Mitigation efforts should then begin immediately to isolate the affected systems by removing them from the network. This takes away the ability of the hackers to do further damage.
Communication is critical, said Bonner. “This is the time to blow the budget on public relations and customer relations because you need to protect your reputation,” he advised.
In the end, Loschmann recommended that small and medium-sized businesses should seek help from someone they trust. “It’s no longer reasonable to expect companies to solve it on their own.”