October is Cybersecurity Awareness Month
October is Cybersecurity Awareness Month
October is Cybersecurity Awareness month, a collaborative effort between the government and the IT industry to ensure companies and users are safer and more secure online. Started by the National Cyber Security Alliance and the US Department of Homeland Security in October 2004, it is a time when cybersecurity experts remind companies and individuals about the importance of employing good cybersecurity hygiene and practices, not just this month, but all year long.
The theme of the first week of Cybersecurity Awareness Month, “Do Your Part. #BeCyberSmart,” encourages individuals and organizations to own their role in protecting their part of cyberspace, stressing personal accountability and the importance of taking proactive steps to enhance cybersecurity. We find that even the most well-intentioned companies “don’t think a cyberattack will happen to them.” The reality is that hackers are busier than ever. Ransomware attacks on small businesses increased five-fold in 2020, up over 400% from the prior year. We are seeing small businesses get attacked for many reasons:
- Small businesses commonly use inexpensive or consumer grade cybersecurity tools that are inadequate for today’s cyber climate;
- At least 60% of small businesses do not believe their data is valuable to hackers, but in reality any and all data holds some value to hackers who can sell it on the Dark Web or bring your business operations to a halt; and
- Employees are easy targets. 95% of cyberattacks involve human error. Most cyberattacks are caused by internal employees clicking on links giving a hacker entry into your network.
Given that the majority of small businesses go out of business within 6 months of being infected by ransomware, it’s important for small businesses to understand the risk to your business is real, your data is valuable, and your employees are your weakest link.
Our goal as a Managed Services Provider is to help companies mitigate cyber-risk to their organization via multiple layers of cyber protection and end user education. Not one cyber mitigation measure achieves cybersecurity peace of mind; instead, a coordinated cybersecurity strategy, that is regularly revisited, is the most effective way to protect your company.
Fortunately, there are steps you can take to mitigate the risk of a cyberattack putting you out of business.
Ask yourself these 10 questions to start:
- Do you monitor whether your employee passwords are for sale on the Dark Web?
- Do you engage in regular – at least annual – employee cybersecurity training so that your employees know how to distinguish a phishing email from a genuine email
- Do you have antivirus protection on EVERY device used for business that monitors abnormal and suspicious end user behavior (“next generation antivirus”) and are those security alerts monitored?
- Do you have email security tools – such as SPAM filtering – deployed on your email?
- Do you have and enforce strong password policies?
- Do you have Multi-Factor Authentication enabled on all systems and accounts?
- Do you regularly update your network hardware so that all systems are current and up-to-date (i.e. no less than Windows 10)?
- Do you have a robust firewall in place?
- Do you regularly monitor and patch your systems with security updates?
- Do you have a cybersecurity insurance policy to protect your business in the event it gets hit with a cyberattack?
If you answered NO to any of the above questions, your business is not properly protected. NBM helps companies identify their own cyber-risks and deploy appropriate cybersecurity tools, including end user education, to better combat and protect against cybersecurity attacks.
In honor of Cybersecurity Awareness Month, NBM is offering COMPLIMENTARY Network Assessments. Contact us to learn more. Let’s make this month the one in which you take proactive steps to protect your business.
Amie T. Geary, JD, CCFS | Director of IT Sales & Operations
(781) 272-2034 x1970