There is an old saying, “any publicity is good publicity.” No one seems to know the exact origin. It was for sure before all the cybersecurity hacks and ransomware attacks began to pop up, because it’s hard to escape from all the cybersecurity issues in the news. The questions is – do you want to be in the news for that? Way too much on that topic, regardless if the target was the Colonial Pipeline, local school system, or a restaurant, no one is immune. In fact, one report states over 70% of ransomware attacks target small business with an average demand of $116,000.

Let’s touch on a few areas to continue to learn more about what you can do to protect your business. We will discuss people and two additional areas that modern cybersecurity software are designed to address. This is a very complex topic and we will try to simplify in an effort to help you ask questions to understand the degrees of protection you have or need. We will build on my last posting on this subject and another that touched on the basics. There are many resources available to help. Nothing is 100% perfect but not doing anything will for sure not put you in a positive spotlight.

1)    People – The most basic area is ensuring that your team is trained to not click on suspicious links in emails. If an email refers to what appears to be a legitimate website, it is safest to go there directly vs clicking on an email. There are even more basic things such as not writing down or using weak passwords. No legitimate tech support or financial institution will ever ask for your password. Thus training is step 1 and there are tools and programs available to help with this effort.

2)    Known detection and remediation – The most common software people are familiar with are anti-virus, malware protection, and firewalls. These primarily detect and protect from known signatures and slight variants. These are the most common tools for protection against known issues and minor variants. They typically rely on a database of signatures or patterns for known issues. It is only as good as the last updates and what has been discovered by someone else that ran into an issue.

3)    Unknown detection and isolation – The more challenging area is protecting against the unknown. Cybersecurity companies have a variety of options in this area. This is the most complex area and hardest for non-IT professionals to understand and compare. The is an area where AI (Artificial Intelligence) can make a big difference. The AI in the software looks for new patterns of activity that are different than in previous normal operations. The questions before you purchase are; is it just detection, any isolation provided, how is the potentially rouge program or virus isolated and contained? Most important, how hard is it to operate and how many false positives are detected? The number of false positives can overwhelm staff and lead to ignoring legitimate intrusion attempts. Back to item 1 above!

Think through

What is a low cost way to get started? The Federal Government via the National Cybersecurity Assessments and Technical Services offers assessment services that are available at no cost to Federal agencies, State and local governments, critical infrastructure, and private organizations. Also local cybersecurity providers and national resellers such as CDW or SHI offer low or no-cost assessment service.

Have you experienced a ransomware or other cybersecurity attack? If so, how did you deal with it? Any recommendations on best practices you have implemented?

Feel free to post comments or email them to me. Small Business, Big Lessons ® – How are you staying out of the news?

Small Business

  • This field is for validation purposes and should be left unchanged.

About the Author:

Gregory Woloszczuk is an entrepreneur and experienced tech executive that helps small business owners grow their top and bottom line. Gregory believes in straight talk and helping others see things they need to see but may not want to with a focus on taking responsibly for one’s own business. He and his wife, Maureen, started GMW Carolina in 2006.

Chapelboro.com does not charge subscription fees. You can support local journalism and our mission to serve the community. Contribute today – every single dollar matters.

 

Related Stories
None