If you’re a business owner, there’s no doubt the recent waves of ransomware attacks have raised your level of concern. These ever-increasing cyber threats hold your electronic data hostage in return for payment and effectively bring your business to a grinding halt.
While you may think hackers only go after big corporations, small to medium-sized businesses can still be a casualty, and research conducted by the Ponemon Institute shows that it’s more a matter of when it happens, rather than if. Their findings show that 51 percent of small businesses have already experienced some type of attack, and also:
- 33 percent of victims were forced to invest in new security and backup technologies
- 32 percent of victims lost money due to system downtime resulting from the attacks
- 32 percent of victims lost customers and future revenue as a result of the attack
Still think it can’t happen to your business? Two Indiana-based organizations were victims of recent attacks. At the end of 2016, The Madison County government was practically shut down and needed to pay $28,000 to get their data back. The government then needed to invest in more robust security features to ensure the situation wouldn’t happen again.
In 2017, a Muncie based nonprofit’s data was held ransom to the tune of $43,000. This organization decided to take an alternative route by choosing not to pay and focusing on rebuilding their data.
When was the last time you shared an Office document or clicked on a link sent to you from an email address of a vendor or customer you’re working with? These communications and documents can easily become infected with malicious macros. Just one click can effectively bring your business to a halt.
Your best defense against a ransomware attack is to stop the attack from happening in the first place. This can be accomplished by:
Educating your team and paying attention to credible news sources
As mentioned above, something as simple as clicking a link from what looks to be a familiar name could potentially be disastrous. While your IT manager or more tech-savvy employee may be aware of pitfalls, the same might not be said for each member of your team.
Consider regularly monitoring publications like ITSP Magazine and relaying updates to your team if there is anything concerning on the horizon.
Organize and implement your plan of action
The financial cost or loss of an attack doesn’t end outside the walls of the office. Even if consumer data isn’t compromised, loyalty and trust can falter. The average losses for this particular type of damage are $8,653 for SMBs and up to $204,750 for enterprises, according to Kapersky Lab.
To ensure as much protection as possible, implement a plan of action for all employees and staff if a cybersecurity does ensue. This may include issuing a quote to the media or involving legal offices.
Implement professional security
All businesses can make sure they are regularly updating their operating system as well as updates for other software in use. Unfortunately, there are some steps that a small or medium sized business may require but simply unable to accomplish on their own.
If this is the case, find a technology provider or IT consulting firm that can implement a layered protection approach starting with the edge of your IT infrastructure and working your way to the desktop or laptop. A technology firm may also help businesses consider employing a full end-point protection suite that includes: virus scan, behavior analysis, intrusion detection, content filter, firewall, and malware.
Prepare now to assure more ease of mind for the future
With the average costs of a security break on a small business reaching $46,000 (reports Kapersky Lab), the cost of preparation is worth the initial investment. While that figure includes the direct spend required to recover, it doesn’t include the indirect costs such as lost business opportunities and the potential for an eroding reputation. Remember: continue to read credible news sources, implement a plan of action and consult a professional firm accordingly.
Kevin Holland is Infrastructure Manager at Aura IT Consulting.