Nov 10, 2022
While massive data breaches at large organizations grab headlines, small- to midsize businesses (SMBs) have become an increasingly popular target for cybercrooks. Accelerated and exacerbated by the pandemic-inspired trend toward hybrid working models, research shows SMBs now represent nearly half of all cybercrime victims.
How can you, as an SMB technology leader, cope with this crime wave?
We recommend these “3 Es of Cybersecurity.” Here’s how the approach works:
- Engage Everyone as Defenders
Nearly every cyber breach (85%) involves an element of human behavior. For example, ransomware relies on social engineering techniques like phishing or vishing that trick employees into clicking malicious links by posing as legitimate individuals or entities.
So if every member of an organization is at risk, every cyber awareness campaign and training course should engage every team member – from the front line to the C-suite.
- Enable Effective Solutions
Your company’s anti-hack plan should include two essential measures:
Use strong passwords. The National Institute of Standards and Technology (NIST) recommends setting an 8-character password minimum with a mix of uppercase, lowercase, numerals, and special characters. Plus, minimize frequent mandatory resets, which paradoxically tend to weaken passwords over time.
Implement multifactor authentication (MFA). Adding a level of security with basic maneuvers such as one-time codes by text deters most illegitimate access attempts, even when attackers have stolen passwords.
- Execute Expediently
Don't delay software updates. Run updates as soon as vendors make them available. Also, include updates to secondary software-as-a-service (SaaS) applications such as QuickBooks. Deploying system patches fully and frequently can cut your ransomware risk in half without proportionately increasing spending.
Cybercrime is a multi-trillion-business that stretches around the globe and shows no signs of diminishing. Don’t face it alone. Call us for support in putting the “3 Es of Cybersecurity” into action.