Data security continues to be a problem that plagues businesses of all sizes. Big retailers like Target and Neiman Marcus are obvious targets, but small businesses can be targeted as well. And the threat can come from anywhere. Connecticut and Illinois investigators, for example, determined that the Target hack resulted from credentials stolen from a third party, and the result for Target was an $18.5 million settlement negotiated by Connecticut Attorney General George Jepsen, among others.
You don’t have to be a big company to become a target of cybercrime. Ransomware has become a huge threat to companies of all sizes, costing businesses more than $1 billion in 2016, and according to Cybersecurity Ventures it's expected to reach $11.5 billion by 2019.
A survey shows that 33 percent of respondents have experienced a ransomware attack, and 75% of organizations infected with ransomware were running up-to-date endpoint protection. In fact, ransomware has become such a big problem that the Connecticut House of Representatives unanimously voted to increase penalties for those convicted of the crime.
Data breaches have also become big business, targeting small businesses as well as big companies. The Verizon's 2018 Data Breach Report shows that 58 percent of data breaches recorded in 2017 were to small to medium businesses (SMB's), while other reports indicate that the most affected industries are retail (45 percent), food and beverage (24 percent), and hospitality (9 percent). One of the biggest costs to business is data breach notification. Connecticut legislators passed Act 15-142 which stipulates that if a Connecticut business suffers a data breach, it has to both notify all employees and customers affected and provide identity theft protection at no cost for a minimum of 12 months.
Your business can’t afford a data breach, so you need to have well-crafted security strategies in place to prevent a security breach before it happens.
Four of the Most Common Cyber Security Threats that Affect Small Businesses
1. Disgruntled Employees
Employees are the greatest security risk for any organization, because they know where the company’s valuable data is stored and how to access it. The most common cause of a data breach is from an ex-employee or an unhappy employee who didn’t get a promotion or a raise. If a trusted employee turns against you, the result can be disastrous if you aren’t prepared.
The best ways to stop an internal attack are to:
a) Make sure to change the passwords, credentials, and authentications when an employee leaves or is fired, just like you take his or her access key card
b) Monitor and manage access credentials very closely and be sure to log privileged account activity and watch for unusual behavior.
2. Careless Employees
In addition to malicious attacks, careless employees pose a tremendous cyber security risk. Too often, workers leave passwords in plain sight, posted to their monitor or desk, or coworkers share passwords. Another common problem is employees opening suspicious email attachments or surfing malicious websites, which can introduce malware into the system.
These kinds of problems aren’t malicious, but such carelessness can still lead to a costly cyber security breach. Affinion Group in Stamford, for example, exposed employees’ personal W2 information because an employee fell victim to a phishing scam.
The solution is to train employees in proper security procedures. Make sure they understand the importance of data security and remind them regularly about risks from malware and suspicious emails. In addition to training, make sure you have strong passwords in place and use proven authentication strategies. For further security, encrypt data so that it’s unreadable even if the system is hacked.
3. Mobile Users
To promote greater productivity, employees are increasingly using portable computing hardware, including netbooks, smartphones, and tablets, to access company data remotely. Every mobile device is an uncontrolled workstation that can provide access to corporate data. If a device is lost or stolen, then company data is at risk. And there is always the possibility that a downloaded game or app could include malware that can be transmitted to the network.
Many Connecticut-based companies have remote employees who are able to work from home or anywhere with an internet connection. Public Wi-Fi locations are not always secure, increasing the probability of a data security issue. It’s important to know what precautions to take when building out a secure computing infrastructure for a remote workforce.
Education is also a great defense for mobile users, especially those employees who use their own devices. Have a clear “bring your own device” policy in place for employees. You also can use a segmented data access approach, separating the applications from the data so that sensitive information is never actually transmitted or stored remotely. Hybrid cloud infrastructures can be valuable for these types of applications to separate application software from data stores. Data encryption and user authentication also are essential. And don’t forget to insist all mobile users have mobile device management software loaded on their systems for remote monitoring and protection, such as remotely erasing or locking a stolen or lost device.
4. Outdated Software
A common cyber security flaw in all networks is out-of-date software. New viruses and malware are introduced every day, and security software vendors work around the clock to maintain malware definitions. Similarly, operating systems need to be updated periodically with security patches. Outdated and customized software also can contain unseen cyber security problems. For example, if a custom application includes open-source code that goes back countless software generations, it could present an opportunity that hackers can exploit.
Your best strategy is to make sure all software patches and definitions are up to date, both for enterprise software and for workstation applications. Also, be sure to migrate to newer versions of outdated software. For example, the Connecticut Post reported that a global ransomware attack targeted Windows XP users, an operating system that is no longer supported by Microsoft.
These are just four of the most common types of cyber security threats that any company faces. Your best strategy is to develop a comprehensive set of cyber security protocols and best practices that includes password management, authentication strategies, and data backup and recovery. You might consider seeking expert advice on the security strategies that work best for your business. NSI is an expert in security systems design and remote management, and we will be happy to work with you to develop a comprehensive security strategy.
What are some other security threats that you could see affecting your local business?
Editor's Note: This post was originally published in June 2016, and has since been updated for accuracy.