News & Insights

Defending Your Small Business From Big Threats

Julia Rapp

Defending Your Small Business From Big Threats

CrowdStrike was the latest company to partake in the National Cybersecurity Alliance’s monthly webinar series, tackling the topic of “Defending Your Small Business From Big Threats”. The June 1st event drew on the experience of Eric Bodkin, CrowdStrike’s Director of Endpoint Recovery Services. Bodkin explained three of the most prominent myths he’s encountered in his work in recovery services, specializing in working with small to midsized businesses (SMBs).

There are affordable, easy to implement, and impactful solutions available to SMBs to help protect against cybercrime and fraud. WhiteHawk can help you take the first step and match your specific cyber risks to best-of-breed solutions, all within budget.

Myth 1: I’m not a target. SMBs talk themselves into believing that they are not targets because they don’t see themselves as having enough potential to be a big payday for criminals. The truth is, criminals are opportunistic. If they see an opportunity to make any money, they’ll take it. Every business that uses the internet (even if it’s only email) is a target and an opportunity to a criminal.

Myth 2: I’m protected. Many businesses believe that purchasing anti-virus, a firewall, or a VPN protects them from every threat. The reality, however, is that these products are not properly configured, or don’t address that specific business’ threats. The company might also not have the appropriate knowledge, skills, or expertise through dedicated security personnel to properly operate the product or solution it purchased. Buying a product doesn’t guarantee protection – it needs to be researched, focused, and easy to implement.

Myth 3: I can bounce back. Finally, SMBs believe that they can bounce back with little effort and cost. This simply isn’t accurate. Criminals are smart and extremely motivated. As we’ve seen with ransomware, criminals are now exfiltrating data to extort payments at a quicker pace. They will continue to adapt and take various steps to make as much money as possible. Frequent and/or many small interruptions can lead to larger impacts.

Bodkin went on to explain that most SMBs are unaware of an attack on their network or systems until the last stage in the attack life cycle, the impact stage. At that point, it’s too late to take any impactful or effective action to prevent an attack. Bodkin drove this point home by illustrating that over time, the window of opportunity to act against a threat actor (criminal) has decreased exponentially. Bodkin did take to the time to explain the difference between criminal and APT (advanced persistent threat) activity. APTs want to remain undetected and move slower and more cautiously. Criminals though, are trying to be as quick as possible to make as much money as possible. In the 90s, you might have had months before a threat actor acted. Over the years, that time decreased to days, then in the 2010s, in decreased to hours. Today, however, that window is down to minutes.

A productive cybersecurity structure ensures that technology, processes, and people all work together as efficiently as possible. The first factor, technology, is the most important because it is the first line of defense for many SMBs. It’s also important to have complete visibility into a business’ attack surface area (network/email/cloud/assets). Good technology optimizes people and processes. Good processes include incident response plans and policies that are implemented and validated. People drive good processes and technology acquisition, but they must be knowledgeable and do their research. The key here is to implement good technology and solutions before you need to call in a recovery specialist to save the day. Contact WhiteHawk for a complimentary consultation to find a plan that best fits your needs.