How to be Cyber Secure in 2019

Experts predicted 2018 would be a big year for cybercrime and it didn’t disappoint. Marriott, Facebook, Quora, British Airways, and even Ticketmaster all reported breaches that resulted in the loss of sensitive information and millions of dollars. Unfortunately, all indications are that hackers and cybercriminals are only becoming savvier and more diverse in their targets.

What does that mean for 2019? The answer is more. There will be more attacks, more creative phishing schemes, more ransomware, more attempts to access systems through 3rd party relationships, and more small-to-medium businesses suffering losses. That’s right. SMBs are facing increasing cyber threats too.

Your business is at risk.
Cyber security isn’t achieved through a specific technology. It is a mindset. It is an awareness that hackers want your company’s information or access to your business’s systems. The belief that your business is “too small” to be an attractive target or that unless you hold consumer credit card details, there is little incentive for cybercriminals is an outdated view. If you aren’t worried about your business’ cybersecurity, you are risking a lot.

The damage from a cybersecurity breach can be devasting. The 2018 Cisco SMB cybersecurity report revealed that 54% of SMBs suffered financial losses from a cyber-attack that exceeded $500,00. These businesses also estimated that they lost an average of eight hours of productivity due to system downtime following the attack. In 2017, the Better Business Journal shared that only 35% of respondents believed they could remain profitable for more than three months following an attack. Even with this knowledge, many businesses still take initial steps toward cybersecurity. 

SMBs are victims of cybercrime.
Figure 3 from the BBB’s State of Cybersecurity Among Small Businesses in North America2 provides some insight as to why many businesses aren’t cyber secure.

cybersecurity graphic

Nearly 80% of respondents in the BBB survey reported knowing that over 90% of successful cyber attacks start as phishing emails. Unfortunately, about the same percentage also thought that protecting their information was the most cost-effective approach to cybersecurity, which isn’t true. Hackers are resourceful and always discovering new ways to exploit holes in any cybersecurity technology — the best way to be cyber secure starts with developing a culture of security.

It is people working together with technology that can stop hackers. There is no question that businesses need intrusion prevention, URL filtering, SPAM prevention, gateway antivirus, phishing email protection, and other security technology. Perhaps even more importantly, they need to educate the employees. Training on what to look for and keeping employees conditioned to be aware of emerging threats helps to create a human firewall.

What is the BlackPoint IT team recommending to businesses for 2019? Fight back!

  1. Educate employees. Employees are on the frontline of security. If you are using phishing defense technology, it is likely you’re catching most of the known threats, but there are new ones always being created. The most cost-effective way to protect your company is by educating employees to be aware of scams and phishing lures.

  2. Multifactor authentication. It can feel like an extra step that is a time sink. In reality, this element can mean the difference between an ordinary day in the office and a hacker entering your systems.

    A password is no longer enough protection. Malware on a computer or even on a website is able to scrape the password and use it again. Multifactor authentication can also protect against phishing emails. If a user is tricked into logging into a fake site, only the legitimate site will send a working code.

  3. Protect your cloud. Office 365 is a terrific productivity tool. It is also a prime target for cybercriminals. Once a hacker has access to an Office 365 account, they have a legitimate email address and plenty of opportunity for malicious behavior. They are able to email authorized employees directing them to transfer funds (or information) to their account. Security filters wouldn’t catch this offense. The recipient might not even question the request. Implementing a feedback loop is critical to avoiding this disaster.

Be Cyber Secure in 2019

Our strongest recommendation is to remember that cybersecurity is a mentality. No business is too small to be a victim of a cyber attack. Understanding your weaknesses and fortifying your defenses are critical steps to prevent cybercrime. Then it is time to go on the offense. Conduct an annual security review and educate your team to build your cyber secure company culture. 

Want to learn more about the Blackpoint IT cybersecurity solution? Visit our IT Security Services page.