Small and medium sized businesses (SMBs) often get left out of the cybersecurity conversation, with most attention going to large enterprises.
This shouldn’t be the case as SMBs are the backbone of the economy, employing large numbers of people and providing the engine room for Australia’s prosperity.
Compared to larger enterprises, SMBs have less financial, technical and people resources to produce a strong cybersecurity posture. This means an outsourced, cloud-based solution where the business is only paying for what it needs, when it needs it, is the way forward for small and medium organisations.
Looking at the threats
One of the biggest threats faced by companies of all sizes is ransomware where criminals infiltrate the business network, encrypt files, and demand a payment to restore them.
If data is encrypted, the business can’t run as usual, placing it in a monetary black hole because of the price they must pay, which has skyrocketed over the last few years.
According to the 2021 Webroot BrightCloud Threat Report, at the end of 2018 the average ransomware payment was $US6,733. By the end of 2019, that figure had grown 1100 percent, to $US84,116 and it has just gone up since then, peaking at $US233,871 in the final quarter of 2020. What’s more, ransomware attacks may extend beyond the financial impact, affecting businesses reputation and customer trust, and with protracted downtime, also affecting operations and downstream processes.
Layered protection is the answer
SMBs are increasingly relying on cloud services like GSuite and Microsoft365 to get work done. What’s not always apparent to customers is that cloud-based productivity suites aren’t immune to being hacked. In fact, the license agreement for Microsoft365 states customers should look to a third-party backup service if they want to protect their data. Microsoft might provide the software, but it doesn’t automatically provide the backup and security SMBs need.
With lots of work being done in the cloud, SMBs need to have a layered approach to security, with redundant, automated backup for their business software and data.
One of the best vectors a business can take in this layered backup and security approach is to educate its users. Regular training, repeated at intervals, will help staff spot malicious emails and help them identify dodgy attachments which could lead to a ransomware attack.
However, even with the best training, along with other security layers such as web and DNS filtering, mistakes may happen and there’s still a chance your business will be hit with ransomware. One of the best ways to bounce back from an attack is to establish a redundant backup and recovery strategy. Without a recovery strategy and data backed up independently, it’s very unlikely your business can recover quickly from an attack. In fact, it might not recover at all.
So, how do SMBs protect their assets? First, determine if you have the resources to properly protect your data in-house. If not, consider working with a managed solution provider who can source and manage these services for you.
Second, have a solid backup and recovery strategy. Use a third-party, automated backup service for your cloud software and data. With automated backup services, users do not have to manually copy files or remember to do it.
Third, implement a comprehensive education campaign. Our research shows that running recurring awareness campaigns for users massively decreases the likelihood they will take an action which could result in a malware infection. Organizations that embrace ongoing security awareness training see a 72 percent reduction in users clicking on links in phishing emails. Unlike other types of training, such as compliance that only occur once a year, ongoing security awareness training is needed to maximize effectiveness due to the quickly changing nature of the threat landscape.
SMBs are always going to be uniquely vulnerable to attacks, but by increasing user education and establishing strong security measures–either in-house or with the help of an MSP–SMBs can significantly decrease the likelihood their business will be brought to its knees by a ransomware attack.