  • May 30, 2024
  • Category cybersecurity

Cybersecurity is an Executive Management Concern

By : Sanjeev Spolia

Cybersecurity hasn’t been just an IT management issue for a long time, but executive management can’t afford to sit on the sidelines when data breaches continue to threaten the reputation and financial stability of the organization.

The executive management of many small and medium-sized businesses (SMBs) often make the mistake of thinking the organization isn’t of interest to threat actors, when in fact their cybersecurity risk is just as significant as large enterprises. They assume their IT teams have put in place the necessary technology and resources to protect the organization, and that the cloud-based applications they run are completely secured by the vendors and service providers.

Cybersecurity is also a line item in a budget, and executive management may feel as though they cannot justify the necessary spending given the pressure to manage wages, shareholder expectations and other costs while keeping the prices of their own products and services competitive.

It can also be difficult for executive management to understand the return-on-investment (ROI) of strategic cybersecurity spending, but the upfront and ongoing costs of robust security are cheaper than the financial consequences of a data breach.

The disruption caused by a cybersecurity incident will cost your business money because it invariably leads to the inability to operate at full capacity – your business can be completely unable to serve customers for not only hours, but days or longer.

This inability to serve customers not only leads to a loss of business and revenue due to the disruption itself, but also due to loss of reputation, which is damaged in the eyes of customer and suppliers. Depending on your regulatory obligations and your industry, you may face audits, investigations and even fines, which are far more expensive than investing in strong cybersecurity.

Executive management must stay in the loop and understand where the organization stands when it comes to its security posture. They must demand regular assessments, so they have confidence in what cybersecurity defences are working well, which ones need improvement, and which ones are non-existent.

By having clear visibility into the cybersecurity strategy of the organization, executive management can understand how investments can be made to improve security and how they align with business uptime objectives and regulatory compliance obligations.

Developing your own internal cybersecurity risk assessment will allow you to tailor it to the realities of your business, but you should consider aligning with well-established cybersecurity frameworks and seeking the input of outside experts. A managed security services provider can help assess your current state of security and help you implement protection and response strategies that will give everyone peace of mind, including executive management.

  • May 14, 2024
  • Category IT management

Human Factors Threaten SMB Cybersecurity Efforts

By : Sanjeev Spolia

Small and medium-sized businesses may be spending more on cybersecurity, but human factors still pose a significant threat.

A recent survey by password manager provider LastPass of more than 600 business and IT security leaders from companies with fewer than 3,000 employees found that although SMBs have become proactive with security investments, human factors continue to make them vulnerable to attacks by cybercriminals.

The LastPass survey found there was a gap between how SMB leaders were tackling cybersecurity and employee behaviours.

The good news is that SMB executives have increased their attention and investment when it comes to cybersecurity. The LastPass survey found that 90% of IT leaders and 80% of non-IT leaders reported an increased focus on cybersecurity measures over the past year, with 82% of businesses boosting their cybersecurity budgets.

The bad news is there’s a disconnect between executives and their employees. Most executives and IT leaders said they feel confident about their cybersecurity measures, with only 30% of leaders believing their company faces a high risk of cybersecurity threats.

However, among the rank and file, only 78% of non-IT leaders believe employees understand the security expectations of their jobs, the survey found. More troublesome is that 1 out of 5 non-IT leaders admits to circumventing security policies, while 1 in 10 IT security leaders admits to circumventing security policies.

The LastPass survey suggests that despite increased investment in cybersecurity, their efforts are being undone by employee behavior. To get the most from their security budget, SMBs need to be mindful of the human factors that make the organization more vulnerable to an attack and subsequent data breach.

Small steps go a long way, and LastPass makes five key recommendations to encourage employee behavior that mitigates human factors that might put the organization at increased risk:

Ramp up cybersecurity education: SMBs should develop clear communication strategies and regular training sessions for all employees so they understand their role in maintaining robust cybersecurity, and every part of the organization must understand and commit to security policies.

Create incentives: SMBs should have stronger incentives for security compliance, balanced by stricter consequences for violations as well as policies for when it’s acceptable to bypass security measures to get work done. A culture of reporting violations must also be fostered.

Embrace threat intelligence: SMB leaders must be able to identify and protect valuable and critical business information and know where the threats are coming from by investing in a threat intelligence-led security program.

Mandate password managers: Password management requires critical attention, according to the survey, so password managers combined with continuous education on password security are essential.

Brace for AI threats: Phishing attacks, cloud vulnerabilities, and the potential for business data loss due to ransomware attacks or malware are getting help from AI, so it’s important to fight fire with fire and adopt AI-driven security tools that provide advanced threat detection and response capabilities.

Cybersecurity is a continuum, and SMBs can’t be complacent even with increased investment. Human factors must be continually addressed through education, policy, and technology adoption.

  • April 16, 2024
  • Category Data Protection

Top 5 SMB Cybersecurity Threats

By : Justin Folkerts

Small and medium-sized businesses (SMBs) are not much different than larger organizations when it comes to sensitive data or IT infrastructure, which makes them a popular target of cyberattacks.

Often, threat actors use the same methods to attack SMBs as they do enterprise organizations.

Viruses

Viruses and malware remain a popular tool for threat actors who want to hinder an organization’s IT infrastructure. Once a virus finds its way through one endpoint, such as a business workstation, it spreads through email messages or sharing of infected files across the network.

Ransomware

A ransomware attack involves a hacker taking control of computers and servers and then locking authorized users out. Access can only be regained by paying the hackers a ransom. Worse yet, control may not be given back even after the ransom is paid.

Phishing

Phishing attacks are a little subtler than viruses, malware, and ransomware in that they trick users into sharing sensitive information, including credentials, financial information, and valuable intellectual property through social engineering techniques. Your employees are misled by professional looking emails and slick websites that look like the real deal but were designed to deceive and collect sensitive data.

Distributed Denial of Service (DDoS) Attacks

The server that hosts a company’s website gets many requests from other computers that it responds to. Threat actors launch a DDoS attack by sending millions of fake requests which overwhelms the server – all its focus and processing power is trying to respond to each of these phony requests and it becomes unable to provide access to real users.

Your Own Employees

Unfortunately, your own people can present a threat to your cybersecurity, most often through human error. If an employee fails to practice adequate security hygiene, such as neglecting to properly protect their credentials or to connect remotely via a VPN, threat actors can weasel their way in and gain increasing levels of access to more sensitive areas of your network and key systems.

Sometimes breaches can be physical because someone accidentally leaves their device unattended while working on the road or leaves a door open to a server room. Worse yet is when a disgruntled employee decides to misuse their credentials for their own profit and steal intellectual property, customer data or financial information.

Assess, Protect and Respond

SMBs must mirror their larger counterparts if they want to avoid cyberattacks and be proactive. It’s critical that you assess your security posture, implement the capabilities to protect users, customers and data, and be prepared to respond to any threat to mitigate it and reduce the risk to your business operations and your reputation.

  • September 14, 2023
  • Category Security

SMBs Must Confront Cybersecurity Challenges Head On

By : Justin Folkerts

If you’re a small or medium-sized business (SMB), you’re a prime target for threat actors who want to poke holes in your cybersecurity.

While enterprises are valuable targets due to the wealth of data they transmit and store, today’s digital landscape means size doesn’t matter – every business is storing information that is worth stealing. However, SMBs face greater resource constraints, not only in terms of cybersecurity, but IT in general, even though they still handle plenty of sensitive customer data, including financial and health information, as well as valuable intellectual property.

If you’re an SMB, you probably work with bigger companies, which means you’re part of a supply chain. And while you think you’re too small to matter, you can be a vector for bad actors to attack your business partners.

Today’s cybersecurity landscape means SMBs must be aware of the common threats to their business, as well as understand how to contribute to a more secure supply chain.

What SMBs are up against

Viruses and malware remain the most common threats to your cybersecurity. Keep in mind it’s not only external threats that SMBs must be mindful of – your employees can help to open the door to threats through human error by opening a suspicious email, clicking on an attachment, or not taking more care to select unique, strong passwords.

Insiders may even intentionally compromise your cybersecurity by using their credentials to access data they shouldn’t. Even an honest mistake by an employee can open the door to sensitive information, leading to a breach or even a ransomware attack that cripples your operations and damages your reputation. Social engineering in the form of phishing attacks trick employees into divulging information or allowing unauthorized access to applications and systems.

The most common approach threat actors use to disrupt business and cause SMBs downtime is the Distributed Denial of Service (DDoS) attack, which floods your web servers with fake requests so as to render them useless to everyone, including your employees and your customers.

As new technology emerges, cybercriminals find new opportunities. As SMBs move to the cloud, so do threat actors by “cloud jacking” – they target vulnerabilities in the cloud infrastructure. Hackers are also using the latest technologies to launch their attacks, such as botnets to distribute spam and steal data. Advances in artificial intelligence and deepfake technology make it even easier for SMBs to be tricked by fake content that might cause an employee to share privileged information or their access credentials.

No matter the technique, a data breach can lead to a disruption of your business or downtime – both of which always lead to lost revenue.

Cybersecurity essentials

It’s easy for SMBs to get overwhelmed by today’s cybersecurity requirements, but you can better protect your business from the many threats lurking in the digital landscape.

  • Assess: You need to know where your vulnerabilities are, especially when it comes to remote work, which should be enabled by a Virtual Private Network (VPN).
  • Educate: Your employees play a key role in securing your organization through awareness training and good security hygiene, including the use of strong passwords, multi-factor authentication (MFA), and access management technologies.
  • Update and patch: Make sure you are using anti-virus software and keeping it updated, as well as applying any patches to applications and systems.
  • Secure your networks: Aside from VPNs, be sure to deploy robust firewall security along with intrusion detection systems, and regular network monitoring.
  • Back up critical data: It’s not a question of if a disruption will occur, but when. Being able to restore data allows you to recover from an attack quickly and avoid downtime.

The most important thing to remember is that your cybersecurity posture is never assured – you must continue to run regular audits, as well as update incident response and disaster recovery plans.

Given the resource constraints commonly faced by SMBs, consider turning to a managed service provider with cybersecurity expertise. They can help you conduct an assessment and maintain a state of ongoing readiness that allows you to handle whatever threat comes your way.

  • July 26, 2023
  • Category Security

Your Next Data Breach is Going to Be More Expensive

By : Sanjeev Spolia

The cost of a data breach is going up.

That’s according to IBM’s annual survey, which found the average breach cost of 553 organizations studied over the course of 12 months ending March 30, 2023, tallied US$4.45 million – a 2.3 per cent increase compared to a year earlier. It’s also a whopping 15.3 per cent increase since IBM’s 2020 report. (Research for the study was conducted by the Ponemon Institute.)

Although Canadian companies are faring better than last year with the cost of data breaches at the 28 organizations included in the study dropping a bit from C$7 million to $6.9 million, Canada was the geography with the third highest breach costs behind the U.S., which was first, and a grouping of Middle East countries, which placed second.

It’s important to note these costs don’t include any ransomware or extortion payments organizations may have made, or the cost to recover from an incident.

As reported by IT World Canada, Canada’s breaches were more expensive – double that of Australia, for example. In the article, a partner in IBM Canada’s security consulting and delivery practice speculated that many of the Canadian organizations included in the study were in regulated industries, where recovery costs are higher, while noting the overall trend is heading in the wrong direction.

A notable data point in the IBM study is that two thirds of breaches were reported by an outsourced / third party rather than the organization’s own security team discovering the breach. This indicates many Canadian organizations don’t have the right level of monitoring and insights to provide the network visibility necessary to prevent and mitigate breaches.

Another interesting stat was that organizations with high DevSecOps adoption had less costly data breaches. Aside from getting your application development teams to “shift left” with DevSecOps, the best strategies for lowering the average cost of a data breach according to the IBM study were employee awareness training, a regularly tested incident response plan, and leveraging artificial intelligence or machine learning insights.

IBM recommends following the “basics” as they are the most effective tools for preventing data breaches – use threat intelligence, robust identity and access management, employee awareness training and a zero-trust IT architecture, as well as leveraging AI and automation to reduce the burden on security teams. These should be complemented by a strong incident response plan, so the organization is ready to mitigate and recover quickly in the event of a breach.

Given the dynamic landscape security teams must navigate, as well as the pressure to retain talent, organizations should consider looking to a managed service provider – they can help to evaluate your current security posture and provide ongoing staff and resources to complement your IT staff.

  • March 28, 2023
  • Category Human Resources

Employee Burnout Threatens Cybersecurity Resilience

By : Justin Folkerts

Attracting IT talent, especially cybersecurity experts, remains a challenge even amid layoffs, but so is keeping them. The last thing you want to do is contribute to employee burnout.

It’s just as big a threat as the growing number of cybersecurity threats, as your IT teams struggle to do more with less after a tumultuous three years due to the waning pandemic. Employees of all stripes are experiencing burnout, which, as defined by the World Health Organization (WHO), is the result of chronic workplace stress that has not been successfully managed.

The solution can be found in the WHO definition; employee burnout can be managed, even when it affects your cybersecurity staff.

Detect the signs of employee burnout

In the same way you want your cybersecurity to be proactive and detect anomalies before they become a major incident, employee burnout can not only be managed, but also prevented so that IT teams can remain engaged and avoid exhaustion.

For cybersecurity professionals in particular, workplace stress stems from the nature of the work – their environments are always active because the organization is constantly under threat. It means handling alerts throughout the day to prevent and mitigate threats while also ensuring that long-term strategic security initiatives are met. Just making sure the security operations center is adequately staffed off hours causes stress and contributes to employee burnout. You need to make sure you have people available on-call while also giving everyone enough time to wind down if you’re to prevent burnout.

At the end of the day, employee burnout within your cybersecurity team can pose just as big a risk to your security posture as threat actors trying to compromise your IT infrastructure.

Cybersecurity resilience depends on people

Just like potential security risks, employee burnout has warning signs. Chief among them is the phenomenon of quiet quitting – that’s when staff experience depersonalization and increased cynicism. They will also feel emotionally depleted and feel as though they’re being less effective.

Employee burnout can affect the entire cybersecurity team, regardless of their role, and lead to actual quitting. A single, small incident can be the tipping point after prolonged periods of stress on the job – cybersecurity staff are constantly in “fight or flight” mode, and it’s ultimately unsustainable.

Just as you mitigate cybersecurity vulnerabilities, you want to prevent employee burnout – an ounce of prevention is worth a pound of cure. You need to build up psychological resilience among your team by ensuring they are confident they can handle what comes their way and are able to adapt to changing situations.

And no matter their job role, your employees need to have a clear sense of purpose as well as adequate social support – trust and relationships are especially important for cybersecurity teams if they are to avoid burnout. It also starts from the top – if you’re leading your IT staff or a security team, you need to take care of yourself – if you’re depleted, everyone else will feed off of that. Building up your own psychological resilience and instilling the ability in others will boost morale – preventing employee burnout is both a personal responsibility and a team effort.

Technology does play a role, too. If your cybersecurity team doesn’t feel they have the right tools for the job, it will contribute to their disengagement. And if they feel they’re understaffed and doing more than their fair share, they’re going to look for greener pastures rather than work harder to compensate for the staffing shortage.

Exploiting automation as much as possible will allow your employees to focus on more rewarding activities and will reduce their stress – they will feel as though they are spending time on projects that truly matter. Turning to a managed service provider who can take on some responsibilities and complement your cybersecurity team can also alleviate the pressure and further reduce the likelihood of employee burnout.

  • January 17, 2023
  • Category remote work

Remember the basics of remote work security

By : Justin Folkerts

At the risk of sounding like a broken record, remote work isn’t going away, so you need to always be mindful of the core security measures that protect what looks to be a perpetual hybrid workplace.

These measures are both technical and cultural in nature – your people are just as critical as the security technology you deploy to accommodate remote work.

The most obvious step you can take on the technology front is to regularly update and monitor your network security. This includes applying the latest security patches and upgrades to all devices, including updates to operating systems as well as keeping your antivirus and antimalware programs current. Don’t forget hardware updates such as those for your routers and switches, either.

A strong technology foundation is critical to remote work security and should also include secure VPN access for any employee working outside the office, as well as multi-factor authentication (MFA), both of which lay the groundwork for creating a Zero Trust environment. Also essential are tools for monitoring your environment so you have a complete understanding of what’s connected to your infrastructure, whether it’s devices that support remote work or other devices and services, including internet of things (IoT) devices. You should be able to interrogate the network so you can know for certain how every connected device behaves at the packet level.

In the era of remote work, MFA is a must have, and illustrates how critical the intersection of technology and people is to security. Employing MFA recognizes that even the best passwords can be broken and that the users who select and use them make mistakes. This is where employee education comes into play so all users, remote or otherwise, understand good password etiquette and the benefits of adding another layer of security with MFA.

User education is also the best defence against phishing emails, which remain the most common threat to your sensitive data. The upheaval of the pandemic has made for good cover for threat actors who send convincing emails that open the door to malware and ransomware.

The culture of your organization has always been critical for maintaining robust security, and the sudden switch to remote work was a stark reminder of that. Even as many employees return to the office, it’s a great time to remind your entire team that remote work requires the same level of attention to best practices around storing and securing mission critical data.

The return to the office should also be seen as an opportunity to take another look at your entire security strategy – consider tapping into the expertise of a managed service provider to help you re-evaluate and refresh your technology and best practices.

  • December 15, 2022
  • Category cybersecurity

How Cybersecurity is Shaping Up for 2023

By : Justin Folkerts

Remote work during the pandemic and the current dynamic of hybrid workplaces has had a strong impact on how you must manage cybersecurity. Remote work isn’t going away, while other longstanding trends as well as new realities will affect cybersecurity in 2023.

Ransomware remains a major threat

Expect ransomware attacks to continue to be a factor in your cybersecurity planning, as threat actors move from encrypting files to targeting third-party cloud providers while continuing to use aggressive, high-pressure tactics to extort victims, including data-encrypting malware and more novel infiltration approaches.

Global geopolitics will affect your business

The ongoing conflict in Europe will mean some of those ransomware threats will come from Russia. Overall, 2023 is going to begin with a great deal of uncertainty and tension, with more state-sponsored threat actors looking to destabilize global economies and specific industry sectors such as logistics and shipping, energy, semiconductors, and financial services.

Zero Trust adoption will grow

With more workloads being moved to the cloud, a Zero Trust approach to security will become more compelling and necessary in 2023, transforming how you secure your infrastructure, including network penetration testing.

Automation will increase, too

It’s near impossible for organizations of any size regardless of budget to keep up with the volume of threats, which means 2023 will see even more automated cybersecurity, enabled by artificial intelligence (AI) and machine learning. The downside is the bad guys can leverage automation and AI, too, which means organizations will need to take a more active approach to cybersecurity.

Watch out for bots

Speaking of automated bad guys, be prepared for more bot activity in 2023, which can automate and expand attacks as perpetrators rent out IP addresses to make it difficult to track them.

Your own IT is a threat

Between shadow IT and the proliferation of endpoints either due to remote work or internet of things (IoT), there’s no shortage of attack surfaces for threat actors in 2023. If your endpoints aren’t properly configured and you’re not keeping a handle on shadow IT, your cybersecurity posture will be drastically weakened.

Your people can still be a problem

Even with all the right technology in place, the biggest threat to cybersecurity in 2023 will continue to be your own people, whether by accident or due to insider threats from unhappy or former employees. Training combined with a Zero Trust approach will mitigate risk to your business.

What won’t change in 2023 is that cybersecurity isn’t something most organizations can handle on their own, so if you haven’t already, make it the year you see how a managed service provider can help evaluate and shore up your security posture.

  • August 31, 2022
  • Category cybersecurity

Insurance not a substitute for good cybersecurity

By : Justin Folkerts

You don’t use auto insurance as an excuse to drive recklessly, so why would you cut corners on cybersecurity because you have ransomware insurance?

With ransomware attacks doubling in 2021 compared to the previous year – due in large part to the massive shift to remote work – the average cost of a data breach grew to record levels by more than 10% in 2021 as threat actors took advantage of a broader attack surface that resulted from a hybrid work environment.

Much of the costs of these breaches were covered by insurance, including ransom payments, but cybersecurity insurance providers are becoming more selective with their coverage as payouts have increased – qualification processes are more rigorous and the threshold for a payout is getting higher.

If you were depending on cybersecurity insurance without a data protection strategy, you need to seriously rethink how you implement security in your organization.

As ransomware attacks rise, so do premiums

For starters, the number of ransomware attacks is only going to get higher as more and more threat actors with a wide array of experience and expertise look to make money off data breaches – cybersecurity insurance is not going to be enough to save your business.

It’s not that you should cancel your insurance – you should be prepared to pay more – but you must also have people, processes, and technology in place to secure your business and sensitive customer data. Making an insurance claim should be a last resort – no matter how much you pay for it, it won’t bring your data back if you fall victim to a successful attack.

You really don’t want to be paying the ransom, even though many companies go that route – that only emboldens the bad guys to keep at it. Some insurance companies are no longer even covering ransomware payouts. If cybersecurity insurance premiums are going up and not covering what they used to, it’s time to implement better security practices – prevention is much more affordable in the long run.

Your MSP can help you up your security game

Cybersecurity awareness should be something that touches everyone in your organization, including the understanding that a data breach costs the business money – and your insurance provider expects you to raise your game to take a more proactive stance with security.

Even if you’ve put the effort into your cybersecurity, keeping it current and staying on top of all the threats can be daunting. With so many systems, endpoints and users, visibility is your biggest challenge, and understanding the threats, attack surfaces and vulnerabilities requires a great deal of time and resources, including skilled people.

That’s why you should turn to your managed service provider for guidance – they’ve got to contend with rising insurance premiums too and know that prevention is better than getting the cost of a ransomware attack covered. They already have visibility into your infrastructure and can help you put all the people, processes, and technology in place so you can qualify for cybersecurity insurance but hopefully never have to use it.

  • March 17, 2022
  • Category cybersecurity

Key Cybersecurity Trends for 2022

By : Justin Folkerts

As we wrap up the first quarter of the year, some trends are emerging around cybersecurity that affect businesses of all sizes.

Not surprisingly, these trends are being driven by the impact of the pandemic, as remote work continues, and organizations look to establish a new normal of flexible work hours and hybrid teams.

Cybersecurity is getting more expensive

The cost of securing the organization is going up, and so is the cost of not having robust security. According to a report released last year, the global average cost of a data breach surpassed 4 million U.S. dollars. These costs are attributable to lost revenue and lost customers, fines for non-compliance, and even ransomware payouts. For larger organizations, it’s the cost of doing business, but for smaller ones, it can mean the end. Investing in cybersecurity is also expensive, but it’s an investment that pays off in the long run.

People are the deciding factor

Social engineering remains a preferred tactic of bad actors when it comes to gaining access to systems, stealing data, and disrupting systems. Ransomware continues to be one of the most popular types of attacks, and remote work has made it easier for threat actors to target vulnerable users. This means training employees with sufficient security awareness is more critical than ever so they can spot a phishing email and understand the need to adhere to security policies. Given that passwords remain integral to managing access, there’s an increase in adoption of biometrics to add an additional layer of security to turn people into their own password by using their individual characteristics to facilitate access.

The bad guys are getting smarter

Threat actors see the benefit of honing their skills because it makes them more successful, especially when the motivation is money. Whether it’s remote work or other circumstances, they’re always looking for new avenues with vulnerabilities they can exploit. As organizations adopt new ways of working, including flexible hours and workspaces for employees, cybercriminals are going to look for windows where they can access data and disrupt systems.

One trend that’s been clear since before the pandemic is that security cannot be just an issue for IT to manage. If organizations are to implement effective cybersecurity, they need the support of the C-suite, who can lead by example and provide budgetary support with an understanding that cybersecurity impacts the bottom line.