The recent SolarWinds hack is just one of many incidents that demonstrate the importance of good cybersecurity. Too many SMBs still believe they are too small to be targeted by cybercriminals, but in recent years the number of attacks on small and medium-sized organizations has continued to rise. The Ponemon Institute’s 2019 report found that two-thirds of the world’s SMBs had experienced a cyberattack as of 2019, yet at the time, 45% of those same surveyed businesses reported that their cybersecurity posture was “ineffective”.
Safeguarding your organization and its digital assets may seem like a daunting task, but in the digital age, a robust cybersecurity stance is essential. In this article, we will discuss common threats to look for, as well as concrete steps your organization can take to protect itself from cybercriminals, and ways the Virtual Armour team is here to help.
Common Cyber Threats to Watch Out For
Cybercriminals, also called hackers, use many tactics to target businesses of all sizes. However, because of the pervasive idea that SMBs are less likely to be targeted, smaller organizations are less likely to be prepared.
Social Engineering (Including Online Scams & Phishing Scams)
Social engineering, a common tactic used in phishing scams, including spam, involves manipulating unsuspecting victims into granting access to restricted systems or data or revealing private information such as usernames and passwords.
Social engineering can take several forms. Phishing scams involve sending potential victims an email impersonating a trusted individual or organization (such as your boss or your bank) and using that previous relationship built on trust and authority to trick you into doing what the cybercriminal wants you to do. At its core, social engineering uses basic human psychology (such as our predisposition for helping others or trusting organizations we do business with) against us to manipulate our actions.
Ransomware
Ransomware is a type of malicious software (or malware) used to prevent legitimate users from accessing their data and systems. Once the legitimate user is locked out, the cybercriminal demands a ransom and promises to restore access if the ransom is paid.
Ransomware can easily cripple an organization of any size as daily activities grind to a halt. Even if the ransom is paid, recovery can be a challenging process. Depending on the systems or data affected, you may require the assistance of a cybersecurity expert.
While some organizations choose to take the financial hit and pay the ransom, there is no guarantee the cybercriminal responsible will hold up their end of the bargain once the money has been handed over.
The costs associated with ransomware also typically extend beyond the ransom itself. You may also:
Need to replace damaged data or hardware and recover any data that has been lost.
Experience a loss of income due to business disruptions
Incur additional IT costs in the form of overtime wages, increased security costs, and the wages of any additional personnel required during the recovery phase.
Need to pay for a cybersecurity investigation and forensics services (if you experienced a data breach as part of the attack)
Likely need to invest in further employee training to help safeguard against future incidents.
Depending on the nature and scale of the attack, your organization may also suffer reputational damage, which you may or may not be able to recover from.
DDoS Attacks
DDoS (Distributed Denial of Service) attacks can be performed by either large, coordinated groups of cybercriminals or a handful of cybercriminals controlling a large number of bot computers (computers controlled by programs that allow them to perform automated tasks on command).
During a DDoS attack, all of the cybercriminals or their bots hammer your server with requests, overloading it and causing it to crash. This can potentially paralyze your business as business activity grinds to a halt. When the server is down, legitimate users such as employees or customers are unable to access the targeted server or any websites or applications hosted on it.
Cybersecurity Basics
Now that you know what sort of threats are out there, what steps can you take to safeguard your organization against them?
Creating a response program begins with making critical decisions (such as who is responsible for what and how resources should be allocated during a crisis) before an attack occurs. Attacks tend to unfold quickly, so an ad hoc response developed in the moment won’t be sufficient. By preparing ahead of time, you can ensure there are no gaps in your policies and procedures that could hinder your response efforts.
Next, you need to preemptively look for potential threats. You can’t respond to a threat if you don’t know it is there. This proactive approach gives you a heads up on any potential threats so you can adjust your tactics and strategy to best safeguard your digital assets.
Should an incident occur, your top priority should be to contain it before it can do any significant damage. Once the threat has been contained, then you can shift your focus to eradicating the threat so it can’t be weaponized against you again and ensure all unauthorized users are locked out of your system.
Once the threat has been dealt with, you will need to move into the recovery and remediation phase. This involves notifying any impacted external entities (such as customers and relevant governing organizations) and telling them what happened and what damages your organization has suffered. This is also the phase where you gather evidence for later review. This phase focuses on the root cause analysis, which identifies the primordial problem and lets you determine what steps you can take to effectively remedy the situation.
Finally, when the investigation is complete, you and your team should review the efficacy of your response. Identifying any gaps or weaknesses now gives you a chance to address them before your organization is threatened again.
Review your cybersecurity protocols and schedule refresher training for all employees
You may also want to consider conducting pen (penetration) tests. Pen tests involve hiring an ethical hacker to stress test your cybersecurity defenses and look for gaps that cybercriminals may be able to exploit. Once the test is complete, the ethical hacker sits down with your team to share their findings and offer expert advice on steps you can take to better fortify your network.
Invest in Employee Training
Cybersecurity is everyone’s responsibility. Even the best plan is only useful if everyone on your team knows how to implement it effectively, and even the most diligent employee can’t follow your cybersecurity best practices if they don’t know what they are.
Employees should undergo cybersecurity training as part of your onboarding process, and all employees from the CEO down should receive regular refresher training. All employees need to:
Understand why cybersecurity is important
Know what protocols are in place and why
Know how to identify suspicious activities
Know who to report suspicious activities to
Know what steps they need to be taking to help safeguard your organization
As part of your refresher training, you may want to consider conducting tabletop exercises. Tabletop exercises work like cybersecurity fire drills: allowing your team to respond to a hypothetical cybersecurity incident in a zero-stakes environment. Tabletop scenarios allow employees to put the information they learned in cybersecurity training to the test and try out your current protocols, so they are well-practiced should an actual incident occur.
When the exercise is finished, you can sit down with your team and review the efficacy of their response as well as the efficacy of your existing protocols. This gives you a chance to identify any deficiencies and create solutions before your organization is actually threatened and helps keep response protocols fresh in your employees’ minds. This is also an excellent way to familiarize employees with any changes or updates to your cybersecurity incident response plan.
All of this may seem daunting. Not everyone is a cybersecurity expert, and that is okay. That’s why the experts at Virtual Armour are here to help. We can work with your organization to identify current deficiencies in your cybersecurity plan, help you create your cybersecurity incident response program, and help you respond and recover from an incident should one occur.
For more information about what steps you can take to begin fortifying your cybersecurity posture or begin the fortification process, please contact our team today.
Further Reading
For more information about threats to look out for, steps you can take, and other cybersecurity news, please consider reading our blog.
Some articles and resources you may be interested in include:
2020 was a rough year for all of us, particularly from a cybercrime perspective. As businesses and schools rapidly pivoted to remote work and remote learning, many cybercriminals changed their tactics and adjusted their focus to take advantage of the situation as well as user uncertainty and fear.
As working and learning from home remain the norm for many individuals and businesses around the world, cybercriminals are poised to continue aggressively targeting users specifically using a blend of online and offline tactics.
The SolarWinds attack, which infiltrated both the US Treasury and the Department of Homeland Security as well as a number of private organizations, rocked the cybersecurity world. Uncovered last December, this wide-reaching, devastating attack is believed to be the work of the Russian Intelligence Agency’s Foreign Intelligence Service and may have been launched as early as March 2020.
Even once experts know the full extent of the attack, the remediation process will be long and grueling. Entire enclaves of computers, servers, and network hardware across both federal and corporate networks will need to be isolated and replaced even as security teams continue to hunt for evidence of malware, determine what information has been compromised, and create and implement strategies to mitigate loss and damage.
Number of Cyberattacks Expected to Rise
In addition to dramatically changing how we go about our daily lives, COVID-19 has also provided a convenient cover for cybercriminals as they shift their attack vectors away from large, well-guarded corporate networks to small, potentially vulnerable home networks. One study suggested that, in 2021, a ransomware attack on a business is likely to occur every 11 seconds, up from every 40 seconds in 2016.
INTERPOL’s assessment of the impact of COVID-19 on cybercrime has shown similar trends, with targets shifting away from major corporations, governments, and critical infrastructure in favor of small businesses and individuals.
As users log in from home, they create personal islands of security: a model where each user is effectively following different (often lax) security protocols. When workers are onsite, all of their traffic is routed through your business’s network, which is likely closely monitored by a professional security team. However, without a dedicated security team watching every employee’s home network and personal device, your organization is exposed to increased risk.
Cybercriminals are taking advantage of this increased attack area to create personalized attack chains. While traditional tactics often involved a “spray and pray” approach (where cybercriminals used generalized social engineering attacks, such as the classic Nigerian prince scam, to target a large number of users in the hopes that a few would bite), recent trends have seen a rise in hyper-personalized attacks that target specific uses with privileged access to sensitive infrastructure, data, and systems.
While this approach is more time-consuming (since attackers need to identify and profile specific individuals to create the targeted attack), this approach is more likely to yield shorter attack-cycles, making it increasingly difficult for organizations to identify and stop attacks in progress.
The work from home era has forced cybercriminals to adapt their tactics, but unfortunately, many have done so successfully. One tried-and-true cybersecurity attack, the phone scam, has seen a resurgence.
A similar but related scam involves scammers offering “relief payments” from government agencies. These calls, text messages, and emails typically follow a general format: The caller says you have been approved to receive money, either via a relief payment or a cash grant or even via a low-interest small business loan and then asking for personal information (to “verify your identity”), banking information (so they can charge you a small “processing fee”) or both. Some scammers also ask for payment via cryptocurrencies (such as bitcoin) or gift cards.
Another twist on the phone scam is the fake tech support scam. This follows a similar format to the scams discussed above but involves cybercriminals asking users to grant access to their computers so they can “conveniently” fix a tech support problem you weren’t even aware you have.
Criminals then use this access to install malware, add backdoors for future access, or log keystrokes (to capture usernames, passwords, banking details, and other sensitive data).
SMBs Likely to Invest More in Cybersecurity
As cyber threats continue to rise in 2021, small and medium-sized businesses are, particularly at risk. This is because, unlike large, enterprise-level organizations, many smaller organizations still believe that they are less likely to be targeted.
The best thing you can do to safeguard your organization’s digital assets is be proactive. Make sure you are up to date on all the latest cybersecurity threats and have a well-rounded and up-to-date cybersecurity incident response program in place.
You should also assess your current cybersecurity posture regularly to ensure it is continuing to meet your needs, and you may want to consider conducting pen (penetration) tests to stress-test your current defenses. You should also make sure that all new employees receive cybersecurity training as part of their onboarding process and that all workers undergo refresher training regularly. You may also want to consider conducting tabletop exercises to give your team a chance to test their cybersecurity response skills in a no-risk environment.
Virtual Armour is Here to Help
Safeguarding your organization from cybersecurity threats can be a lot to handle, particularly if you aren’t already a cybersecurity expert. That’s why Virtual Armour is here to help. Our team of experts can review your current practices with you, help you identify weaknesses, and create a plan to strengthen your defenses. We are also able to monitor your infrastructure, firewall, and endpoints 24/7/365 for potential threats and help you mitigate or even avoid damage should an incident occur.
For more information about our service offerings or to find out what you can do to safeguard your digital assets best in 2021, please contact us today.
The holidays may be a time for spending time with loved ones and exchanging gifts, but the gifts cybercriminals bring aren’t jolly at all. 2020 Has been a rough year, and many organizations have felt the strain, particularly when it comes to cybersecurity and adapting to the changing tactics cybercriminals are employing.
This year, give your organization the gift of a good cybersecurity posture by taking steps to safeguard your digital assets.
The Cybercrime Pear Tree: How the Sudden Shift to Remote Work Has Changed the Workplace Landscape
The sudden pivot to remote work earlier this year left many organizations scrambling to continue daily operations and minimize disruption, which means cybersecurity may have fallen down your list of priorities. 2020 saw an increase in the number of cyberattacks and brought with it new attack surfaces. Paired with a distracted workforce and unanticipated staffing shortages in a multi-stress environment, 2020 created very favorable conditions for cybercriminals that are likely to continue into 2021.
The continued shift to remote work has meant that many organizations are relying on new and unfamiliar infrastructure and processes to continue daily operations. This lack of familiarity and the artificially accelerated shift to remote work means your team may not know about existing vulnerabilities in the software they are using to do their jobs. Cybercriminals are continually exploiting existing vulnerabilities in remote work technologies, so you need to ensure all software used has undergone a security audit.
However, even if your organization has thoroughly vetted all new technologies and processes, you can’t be certain that your business partners, vendors, and other third parties have been as studious, which means you need to be extra vigilant and may need to take additional steps to minimize risk to your organization.
The Human Factor
The pandemic has taken an emotional toll as well, leaving workers distracted and stressed. Personal and financial stressors leave workers more vulnerable to social engineering attacks, and remote workers may not be as vigilant about their cybersecurity posture at home as your internal security team is at the office.
As more workers call in sick or need to take time off or reduce the number of hours they are available to care for dependents or relatives, many organizations are facing unanticipated staffing shortages. At the same time, while many workers used to find working from home increased their productivity, the forced isolation, limited privacy, loneliness, and new demands brought by the pandemic have decreased productivity dramatically.
In the United States, recent data suggests productivity among professional and office workers is down 11%, and manual service and industrial workers are, on average, 17% less productive. In-house security teams have been particularly hard hit as they are forced to operate in an environment where they now face multiple crises on various fronts at any one time, each of which demands significant attention from both management and security teams. Securing a remote workforce is also more difficult than securing an on-site workforce, further adding to security workloads.
The Digital Partridges: Threats to Guard Against
Phishing Attacks Leveraging Video Conferencing Software
Many cybercriminals have begun to leverage video conferencing software such as Zoom and Skype to launch phishing campaigns. Criminals create phishing emails made to look like legitimate pending notification emails coming from Skype, Zoom, or a similar platform. When users click on the link in the email, they are asked for their username and password, which are then harvested by unauthorized users for criminal purposes.
Other groups are sending phishing messages reportedly from Zoom telling recipients they have missed a meeting or their account has been suspended, designed to get users to click on a malicious link to either view the meeting details and reschedule or reactivate their account. Other similar attacks try to trick users into downloading fake video conferencing software installation programs that contain malware.
Social Engineering in the Remote Work Age
We have already discussed in detail how remote work environments make social engineering even more dangerous. Social engineering involves manipulating individuals to infiltrate an organization at the human level by tricking users into revealing sensitive information or granting access to the network.
Since social engineering attacks often rely heavily on email or other communication types such as phone calls or text messages, remote work environments are particularly vulnerable to this type of attack as users trade in-person meetings for phone calls, video conferencing calls, and text-based forms of communication.
Social engineering plays on two main factors: our innate desire to help others and emotions such as fear, urgency, or other forms of psychological distress. Cybercriminals trick or scare users into opening malicious files, click on malicious links, or reveal sensitive information. A sense of urgency prompts users to act quickly before they have had a chance to properly weigh the request and consider it rationally. By the time users or their superiors realize something fishy is going on, it may already be too late.
Protecting Your Presents: Steps Your Organization Can take to Safeguard Your Digital Assets
Adjust Your Cybersecurity Strategy
Most cybersecurity strategies were developed with on-site workers in mind, so it is vital to review your cybersecurity strategy in light of remote work and adjust accordingly. You should already be reviewing your security practices at least once per year, but if your next scheduled review isn’t for a while, it might be a good idea to add an additional review to your list of New Year’s Resolutions.
You should also make sure you have a robust yet flexible cybersecurity incident response program in place. If you don’t already, you may want to consider drafting one as soon as possible. You should also review your incident response program and ensure that it takes remote workers into account and is still able to meet your organization’s security needs.
Secure Your Endpoints
An endpoint refers to any device such as a computer or mobile phone that can be used to access your network. While all the endpoints in your physical office may already be secure, you need to ensure that any home devices being used to access your network meet your security standards. Organizations that rely on BYOD (Bring Your Own Device) policies are particularly vulnerable to cybersecurity attacks since organizations don’t have direct and complete control over how those devices are being used, what other programs are installed on them, and other factors that may compromise your network’s security and leave your digital assets vulnerable.
Regular Cybersecurity Training: The Gift that Keeps On Giving
This holiday season, consider giving your workers the gift of cybersecurity training. All employees, from the lowest ranking intern up to the CEO, should receive cybersecurity training as part of their onboarding process and undergo regular refresher training.
The sudden pivot to remote work has likely affected how workers complete their daily tasks, so you should consider adjusting your current cybersecurity training program to account for these changes. You should also make sure that, as part of this training, you explain to workers why certain steps, procedures, and policies are important and how they contribute to the overall security of your company; When workers understand the “why” behind the “what,” they are more likely to see the value in additional steps and make sure to take them.
Run More Exercises
Exercises such as pen (penetration) tests and tabletop exercises are incredibly valuable.
Pen tests involve hiring an ethical hacker to stress-test your network and look for vulnerabilities. Your team can then use the insight gained by the hacker to improve your overall security. Running a pen test on your network, with a focus on any new software your remote workers are using, can help ensure that your organization isn’t left vulnerable.
Tabletop exercises act like cybersecurity fire drills: workers are given a hypothetical scenario (such as a hack or data breach) and tasked with responding to it effectively. Tabletop exercises allow workers to apply the knowledge they gain in cybersecurity training in a no-risk environment. Once the scenario is complete, you and your team can sit down and review your response’s efficacy and identify any gaps or problems that need to be addressed.
Should you experience a breach or hack, our team can help you fend off the attack, identify the root cause of the issue, and identify steps you can take to mitigate or even avoid damage and create concrete plans to help you prevent similar attacks going forward.To learn more about the cybersecurity threats 2021 is likely to bring, and what steps you can take to safeguard against them, please contact our team today.
Identity management, as a concept, has been around for a while, although many of us are just hearing about it now. It sounds impressive, but what does it really mean, and are there steps your organization should be taking to ensure you have good identity management practices in place?
What is Identity Management?
Identity management (also called identity and access management or IAM) is just a fancy name with a high price tag that essentially covers all of the cybersecurity best practices you likely already have in place. The goal of any IAM strategy is to define and manage the roles and access privileges of all users on your network, and specify the circumstances under which users should be granted or denied privileges.
IAM Takes Cybersecurity Beyond the Workplace
While most organizations have robust cybersecurity practices already in place, the most significant shift IAM brings to the table is bringing cybersecurity out of the workplace and into the personal sphere.
As hacking and other forms of cybercrime become increasingly common, many individuals have begun to pay cybersecurity companies to protect their personal identity by monitoring their personal data for suspicious activities. Though this approach to cybersecurity builds on basic best practices already in place, this is the first time these practices have been applied to individuals in a non-workplace setting as the concept that individuals need to take cybersecurity steps to protect their personal digital assets continues to gain traction.
Identity & Access Cybersecurity Best Practices: A Brief Refresher
We have discussed cybersecurity best practices in the past. However, you should review your current cybersecurity posture frequently so you can ensure your current protocols continue to safeguard your digital assets and meet your needs.
Knowledge is Power
A lack of data can cripple even the best cybersecurity solution. Make sure your network is being monitored 24/7/365 for suspicious activity, and all activity on the network should be logged.
From an identity and access standpoint, suspicious activity may include users logging on at strange hours or from strange locations (a sign that their credentials may have been stolen by cybercriminals) or signs of credential stuffing, where cybercriminals try multiple username and password combinations in rapid succession in the hopes that one pairing will grant access.
Not Everyone Needs to Access Everything
Some areas of your network are bound to contain more sensitive systems and data than others. As such, these areas, such as financial records, should be afforded extra protection. While your network likely already has a firewall around its perimeter, you should consider installing internal firewalls around critical or sensitive systems as a second line of defense if your perimeter is breached.
The Importance of Strong Password Guidelines
Choosing a strong, hard to guess password is a simple step all users can take to improve your cybersecurity posture. To help ensure all users are choosing good passwords, you should be enforcing password best practices. NIST (the National Institute of Standards and Technology) offers comprehensive guidelines on choosing secure passwords in section 5.1.1.1 (Memorized Secret Authenticators) of their Digital Identity Guidelines document.
The Benefits of Password Managers
The best passwords are long and truly random, unlikely to be guessed by anyone in a reasonable amount of time. However, long random passwords are also a pain to memorize, encouraging users to write them down or otherwise store them insecurely, defeating their purpose.
To help ensure users are choosing strong passwords, you may want to consider using a password manager. A password manager works like a book of passwords where only the user has the master key. Passwords within the manager can be randomly generated, and many password managers will flag reused passwords so that users know the password they are using isn’t unique and needs to be updated.
The Power of MFA
Physical devices such as computers and smartphones can be stolen or lost, and passwords can be compromised, which is why many organizations and individuals are turning to MFA. MFA (multi-factor authentication, also called two-factor authentication) pairs a strong password with a second form of identification, such as a hardware element or text message confirmation.
When a user enters their username and password, the system sends them a push notification, often to their smartphone. The push is generated by the MFA app, and the user must acknowledge the push (either by clicking on a link in the message or entering a randomly generated temporary code on the login page) before they are granted access to the network.
Make Sure You Have Offboarding Procedures in Place
While many organizations invest a lot in their onboarding processes to ensure new hires are set up for success, not all organizations invest in offboarding processes. Making sure you have policies and procedures in place for revoking credentials from former employees is vital for good cybersecurity.
Former employees and cybercriminals alike may act unscrupulously and use their old credentials to gain access to the system. If cybercriminals are successful, their unauthorized access may go unnoticed for a while since the former employee is no longer monitoring their old account.
Offboarding is also a good policy to have regarding your personal data. Make sure you are completely aware of any other parties that have access to any personal accounts, including bank accounts or even your Netflix account, and know how to have their access removed should the need arise.
Consider a Zero Trust Approach
Zero Trust Security is exactly what it sounds like: Don’t trust any user until they are verified. Like current best practices, traditional cybersecurity approaches included strong perimeter security, such as firewalls. However, one of this model’s main failings was that if an unauthorized user was able to breach the perimeter, there was little to no internal security to prevent them from accessing sensitive areas of the network.
Zero Trust Security rests on the belief that trust should never be automatically granted either outside or inside a network’s perimeter. All users must verify their identity every time they try and move around the network. This way, even if the perimeter is breached, unauthorized users can be more easily contained to the network’s less sensitive areas.
Further Reading
Cybersecurity is everyone’s business, from the intern in the mailroom all the way up to the CEO, and this idea has spread beyond the workplace and into the home. To help ensure your cybersecurity posture as a business is as strong as possible, you should be:
reviewing your policies regularly
including cybersecurity in your onboarding process for new employees
offering frequent refresher training for all employees
On a personal and workplace front, you should make sure that you, your family members, and your co-workers all understand the importance of good cybersecurity and why each policy and procedure is in place.
If you could use a refresher, we have included a list of articles for your review below. If you have any questions about cybersecurity or could use some expert advice, please contact our experienced team.
We do so many things on our smartphones: We stay in touch with friends and colleagues, we do our banking, we look for work, and so much more. Unfortunately, while phones have made it easier than ever to go about our everyday lives, they also offer another way hackers can reach us by gaining access to our money and private files. While hacking may look different than it did when home computers first became commonplace, some old school tactics are still in use alongside the new and insidious approaches hackers use to gain unauthorized access to our devices. Even if you are pretty tech-savvy, you may be inadvertently exposing yourself to risk.
Hackers target our phones for a wide variety of reasons, but there are steps you can take to protect yourself. If you think you have been hacked, please read our blog post: Hacked? Here’s What to Know (& What to Do Next). To help safeguard your smartphone as well as any networks it connects to, you and your team should be reviewing your security practices regularly.
Ransomware attacks aren’t limited to desktops and laptops. A ransomware attack could paralyze your phone, keep you from accessing critical files, and allow unauthorized users to access sensitive personal data. The basic anatomy of a ransomware attack involves hackers tricking users into downloading malicious software (malware), which they use to take control of the device and lock users out. The hacker then threatens to delete critical files or release private information unless the user agrees to pay the ransom. While some users may be tempted, paying the ransom doesn’t guarantee you will regain control of your device or your data.
While phone calls may seem old fashioned to some people, the truth is we talk about a lot on the phone. Even if you don’t use your phone to stay in touch with loved ones or discuss sensitive business information with colleagues or clients, you may have to call your bank or the government to access services. During calls with your bank, you will likely discuss your banking details, and calls to the government will inevitably require answering verification questions and confirming your social security number.
Blackmail is nothing new, but the tiny computers we carry around in our pockets contain more personal information than our desktops and laptops do, making them tempting targets for hackers.
A typical blackmailing hack may go something like this: The hacker obtains some personal information on the victim that is already available on the black market, likely as a result of a previous, unrelated breach. They use this information to trick the victim’s phone company into believing they are the user and convince the company to transfer the victim’s number to a new phone owned by the hacker. When phone companies transfer numbers, they often transfer all the information on the old phone as well, which hackers can then use to blackmail their victims. In order to regain access to their personal files, victims may feel pressured to give in to the hacker’s demands or pay a ransom.
To Mine Cryptocurrency
Any computing device, including smartphones, can be hijacked by hackers and used to mine cryptocurrencies such as Bitcoin. This attack is referred to as cryptojacking. For more information on cryptojacking, and what steps you can take to safeguard yourself, please read our blog post Cryptojacking: Because Every Currency Needs to Be Protected.
To Gain Access to Your Company
Even if hackers target your phone, you may not be their primary target. A large percentage of office workers are currently working from home, which means many of us may be using our personal smartphones for business purposes. While working in a BYOD (bring your own device) exposes companies to risk providing work laptops and work smartphones for every employee may be cost-prohibitive. Fortunately, there are steps companies and workers can take to safeguard their devices and the company network. For more information, please read our blog post, Keeping Your Network Secure in a Bring Your Own Device World.
Cybersecurity Steps You Can Take to Protect Yourself
Stay Away From Third-Party App Stores
One of the easiest things you can do to protect yourself is to avoid third-party app stores; only download apps from trusted sources such as the Apple app store or the Android app store. However, hackers and other malicious actors have been able to penetrate these platforms as well, and some rogue apps have slipped through, so while this rule will reduce your odds of downloading a malicious app, it doesn’t completely eliminate risk.
Keep an Eye on Your Settings
Checking your phone’s settings can help you spot suspicious behavior. If your phone seems to be chewing through its battery more quickly than usual or appears to be running more apps than you currently have open, it may indicate a hacker has downloaded and is running a malicious app on your device without your knowledge.
Wait Before You Download
While you may be tempted to download that shiny new app as soon as it launches, waiting can help you ensure that new apps are free of serious security flaws. Waiting also gives developers a chance to issue patches to address any issues that do come to light.
When in Doubt, Don’t Click
Whether you are using your smartphone, desktop, or laptop, if you:
Notice that there are apps on your phone you don’t remember downloading
You should stop using your phone until you can get some answers. If you think you may have been hacked, you should contact your MSSP right away for advice and next steps.
Not every organization can afford to support a full team of IT experts, but that doesn’t mean you can’t benefit from expert knowledge and advice. By leveraging your Managed Security Services Provider (MSSP), you can help keep your digital assets secure no matter how large or small your IT department is.
What Defines an IT Light Environment?
A company can be IT light in several ways: either light from a staffing perspective, light from a technology perspective, or both. Staffing IT light organizations have minimal internal IT staff, and may not even have a dedicated IT person on staff at all but may instead rely on one or more employees who split their time between IT tasks and their main job. This approach can be problematic as it often forces IT employees who wear several hats to focus on reacting to situations instead of addressing them proactively as the bulk of their attention must be allocated to non-IT tasks.
A technology IT light organization may have one or more dedicated IT personnel on staff, but may have small or limited IT needs or rely on IT solutions that are not sufficiently robust or comprehensive. This may be because their dedicated IT person is unsure of the best course of action or simply doesn’t know that there are better products and services available to meet your organization’s needs. Either type of IT light organization can benefit significantly from the expertise offered by an MSSP to both safeguard their digital assets and ensure their IT needs are met.
Leveraging Your MSSP
When most people think of MSSPs, their first thoughts turn to cybersecurity. While a robust cybersecurity posture is critical for any organization, a great MSSP can help supplement a skeleton crew of internal IT professionals or help you choose the right technology to suit your needs and fortify your IT infrastructure effectively. A great MSSP will help ensure your network remains secure and advise you on best IT practices to boost security and potentially even improve your network framework and performance.
A MSSP can help lessen the workload of your internal IT team and offer valuable advice. One of the biggest benefits of partnering with an MSSP is that you can access an entire team of IT and cybersecurity experts without having to hire and support a large internal team. Outsourcing your IT and cybersecurity means the cost to support that team is defrayed. Additionally, no one IT or cybersecurity expert can know everything, so relying on an entire team allows you to access more knowledge than even the most experienced internal IT or cybersecurity person can offer and doesn’t require you to hire, pay, and retain high-cost IT and cybersecurity employees.
Get a Heads Up on Potential Issues & Cybersecurity Attacks
MSSPs are also well connected, making them an excellent tool to have in your toolbox. They typically serve many customers and develop close relationships with vendors. As such, they are often able to spot potential issues before their clients can and formulate a plan to address potential problems before they can manifest. Their close relationship with vendors and expert cybersecurity and IT knowledge also mean they are often in the know regarding potential vulnerabilities and issues before the wider cybersecurity and IT community is, giving you a head start on fortifying your defenses against potential issues and attacks.
Focus on What You Do Best; Leave the Rest to Your MSSP
You aren’t in the IT business, so it doesn’t make financial sense to support a large internal IT or cybersecurity team. By outsourcing your IT and cybersecurity to the experts, you can focus on what you do best and leave the rest to your MSSP. MSSPs can be a strategic asset, identifying gaps and creating roadmaps as well as driving those roadmaps to completion. By relying on an MSSP to do the heavy cybersecurity and IT lifting (such as handling investigations, following up on alerts, and triaging problems), you can free up your staff to focus on your core business. Your MSSP will alert your internal IT or management team when necessary or simply provide notifications of problems that have arisen and already been dealt with.
The entire job of an MSSP is to handle cybersecurity and IT issues. A great MSSP has an entire team of experts working 24/7/365 to keep organizations like yours safe from malicious cyberattacks and disruptive IT issues. Since your MSSP handles all of the IT and cybersecurity staffing, you never need to worry about being left vulnerable by staff turnover or team members taking leave (such as maternity leave). You get seamless, 24/7/365 service at a fraction of the cost it would take to support an internal team of the same size and staffed by the same number of experts. A great MSSP also understands the unique considerations and requirements of your industry, whether you:
Ensuring your IT and cybersecurity needs are met is vital for supporting your daily operations and safeguarding your digital assets. If your organization isn’t large enough to justify supporting a large internal team of IT and cybersecurity experts, you may want to consider partnering with an MSSP. Your MSSP can handle the majority of your IT and cybersecurity tasks, consult with internal IT or management teams as necessary, and free up your staff to focus on your core business.