It’s Halloween and cyber criminals are conjuring a poisonous potion of fear among SMEs.
According to a recent survey conducted by Barracuda, 92 per cent of businesses are haunted by the thought of ransomware attacking their organisation. It would seem like these fears are well founded – nearly half, or 47 per cent of respondents had been a victim of ransomware themselves. Of those ransomware victims, 59 per cent were not able to identify the source of attack.
These Halloween cyber sinners will be sure to serve up an extra dash of pox and a dead man’s toe, leaving SMEs potentially with a nasty taste in their mouths. Not only could you suffer a frightful financial loss but could risk being cursed with a tainted reputation.
It’s no hocus pocus that mounting security threats, increased European Union security regulations and the ongoing IT skills shortage is spooking you out. In fact, we recently published a report by 2112 Group, created on behalf of Barracuda MSP, entitled The State of European Managed Services – the findings revealed that fear of a security breach is the single biggest security services purchase trigger, followed by regulatory compliance requirements.
So, now marks the time to dust off your garlic necklaces, stock up on bottles of holy water, sharpen your stakes and begin preparing for when the cyber demons come knocking.
It’s not all doom and gloom
But locking the door and hiding behind basic firewall, data loss prevention (DLP) and endpoint security services, might not be enough. These align to just basic security solutions. It’s vital you start checking under you bed, making sure there’s nothing hiding in your closet, ensuring your nightlight is on while thinking about more advanced technologies such as vulnerability management, encryption, security information and event management (SIEM) services. Only more comprehensive suites of security technologies will carve the pumpkin.
Keeping the cyber demons away
Thankfully, there are some steps you can can take to better secure yourselves:
Sleep with one eye open. Secure commonly exploited threat vectors. Threats can infiltrate networks in various ways. To mitigate the risks, deploy a robust solution; such as an email security solution and a next-generation firewall; and secure web applications, remote users and the network perimeter.
Trick or Treat? Trick Of course. Know their game. Educate yourselves, and your employees on how to detect social engineering threats. Phishing and spear phishing attacks continue to become more sinister – and even savvy users fall victim to them daily. Continue to educate yourselves on how to protect your organisation from these threats.
Lock the backdoor. Keep systems updated. It only takes one area of vulnerability to leave the back door open on a network.
Be proactive. The truth is that the best thing to do when it comes to ransomware is be proactive, rather than reactive. You need to invest in the correct hardware and software (which not only includes cyber security but also backup) and make sure that you can control and segment network access to minimise the spread of any threats, should any get in.
The Cyber Security Breaches Survey commissioned by the Department for Culture, Media and Sport, released earlier this year, discovered that 46 per cent of all UK businesses have identified at least one cyber security breach or attack in the last 12 months. In monetary terms, it found that the average total cost of breaches for UK businesses was £1,570. This is much higher for the average large firm, at £19,600, though the average medium firm (£3,070) and micro and small firms (£1,380) also incur sizeable costs. This gives me the heebie jeebies.
Like it or not, there’s nothing these web walkers enjoy more than the taste of your data. It’s therefore imperative that you ensure you’re taking the right precautions.
Jason Howells is EMEA director at Barracuda MSP.