By the DynaSis Team
With bad news about cybercrime appearing daily, many small and midsized business (SMB) owners may be wondering, “How vulnerable am I?” After all, most of the news accounts of data breaches and other attacks relate to major companies, governmental entities, and other very large targets.
Unfortunately, the reason SMBs aren’t making headlines is because they don’t make great news, not because they aren’t favored targets. A quick Internet search will turn up dozens of stories about the vulnerability of SMBs, as a group. In 2011, Symantec’s annual Internet Security Threat Report found that companies with fewer than 250 employees constituted 18 percent of targeted attacks. In the 2016 report, that figured had risen to 43 percent, with SMBs being the most heavily targeted group.
Why are SMBs so attractive? Major corporations have big security budgets, and they can afford to implement the latest techniques to protect their networks. Many have teams of security specialists whose primary tasks are to keep cybercriminals at bay. SMBs don’t have these types of resources, and hackers know that.
Nevertheless, the vulnerability of SMBs wouldn’t be enough, by itself, to make them targets. If hackers had to expend days, or even hours, finding and attacking a vulnerable SMB in exchange for a handful of proprietary information, they wouldn’t do it. Fortunately for the hackers, they don’t need to.
An entire ecosystem of cybercrime tools now exists, and many of them are freely available. Hackers have also learned they can turn groups of vulnerable systems into “botnets.” Here, multiple computing devices are interconnected and used to scan the Internet, looking for compromised websites to hijack, open corporate network connections to infiltrate, and other inadequately protected resources. Making matters worse, cybercriminals continue developing new attack tools and approaches, and even large organizations have a hard time keeping up.
For SMBs, becoming a victim at some point is a near certainty. In fact, most experts no longer counsel organizations that they can completely prevent a breach. Rather, the goal is to mitigate the damage when one happens.
Fortunately, it is neither expensive nor complicated to secure your firm and its resources and substantially reduce your odds of attack. It is also possible to implement automated mechanisms that will detect penetration and stop it, quickly. However, these tools are sophisticated and it is usually neither practical nor cost effective for in-house IT support teams to manage them.
For most SMBs, contracting with a managed services provider or an IT solutions firm is the most effective way of implementing and managing stringent IT security. However, not all IT consulting or IT support companies are created equal. Some are more security focused than others, with certified professionals and the latest technologies at their disposal.
To help organizations better understand cyber security and the considerations for hiring outside IT security assistance, DynaSis has developed two white papers: Cyber-Security 2016 and Managed IT Security. Both are complimentary downloads on our site. In future blogs, we will drill down into greater detail about cyber security, so stay tuned!
Selection of an IT outsourcing company is a very important business decision. For almost a quarter century, Atlanta’s small to mid-sized businesses have relied on DynaSis’ for managed IT services, internet security, and 24 x 7 x 365 helpdesk support. Today, with cybercrime becoming an ever-increasing threat, DynaSis has become an industry leader in network protection and ransomware prevention. Please take a tour through our website at www.DynaSis.com or speak with a technical expert at 678.218.1769.