The Growing Cyber Security Threat
How serious of a problem is cybercrime? A study by Cybersecurity Ventures predicts these crimes will cost the world $6 trillion a year by 2021. This is a big number, but it’s no surprise to anyone who has followed the exploits of hackers and online scammers.
Cybercrimes have become big news, with large data and security breaches at companies generating headlines, and cyberthreats from foreign locales such as China and Russia threatening U.S. businesses and elections.
The increasing amount of large-scale, well-publicized breaches suggests that not only are the number of security breaches going up — they’re increasing in severity, as well. Data breaches expose sensitive information that often leave exposed users at risk for identity theft, ruin companies’ reputations and almost always leave the company liable for compliance violations.
Security breaches have increased by 11% since 2018, and the average lifecycle of a breach in 2019 was 314 days (from the breach to containment). That’s a lot of time for data to be stolen, corrupted, or held for ransom.
Even enterprise companies and multinational corporations are discovering that their current IT security is not sufficient to fend off an ever-evolving list of cyber threats. This is perhaps most evident in the recent high-profile data breaches that have made headlines. A network breach can result in catastrophic losses of data and high costs for recovery and damage control. A breach can ruin a company’s reputation, making it harder for them to do business in the future. Security breaches at large companies are a matter of national security, as they have damaged our infrastructure and threatened our financial markets.
It’s tempting for small-to-medium sized businesses to assume that they won’t be a target of threats such as ransomware, malware, and phishing because of their size. The reality is that hackers target thousands of businesses simultaneously — size is not really a factor. If you have a connection to the internet, you’re a target.
Dependence upon cloud computing and an increasingly remote, mobile workforce means threats that compromise one system can compromise a larger network relatively easily. All it takes is a single security gap. To combat these threats, businesses are naturally turning to their own IT departments to shore up their networks, implement disaster recovery plans, and coach their fellow employees on data security.
Unfortunately, skill shortages and budget constraints have made security a significant challenge even at the largest, most well-funded companies.
To augment their own IT departments, manage costs, and gain access to additional IT resources, businesses of all sizes have relied on managed service providers (MSPs).
What is the difference between a Managed Service Provider and a Managed Security Service Provider?
It’s important to understand the difference between a managed service provider (MSP) and an MSSP. An MSP is a third-party organization that is contracted to perform ongoing IT services, essentially an outsourced IT department for businesses or organizations who do not want it all managed in-house.
A managed security service provider (MSSP) is similar to a managed service provider, but with more cybersecurity capabilities such as virus and spam blocking, next-generation firewalls, breach detection, and end user security training. An MSP can function as an MSSP as long as they offer that level of specialization and select services, which mPowered IT is.
Both MSPs and MSSPs are designed to help organizations tackle complex IT problems without taking on the burden alone. Each tends to operate on a strategic level, offering valuable solutions and insights throughout all stages of the business’ life cycle.
Why do Businesses turn to MSSPs?
Skilled IT Professionals are in Short Supply
There simply aren’t enough trained and experienced cybersecurity specialists to handle the needs of the modern threat landscape. Unfortunately, hackers and other bad actors can function alone or in small cells, but cybersecurity is typically a team effort that requires constant attention from skilled individuals.
IT Departments are Often Spread too Thin
When a business’ internal IT department becomes overwhelmed, they will often turn to MSPs or MSSPs to fill in gaps. This is generally a much faster way to find and deploy a knowledgeable team without spending months hiring and training new staff.
Even Small Businesses need to be Secure
Small businesses are being targeted more frequently as larger enterprises shore up their own security. Hackers usually look for the weakest points, and that is usually the small business who isn’t taking cybersecurity seriously, not the massive corporation with a huge IT budget.
Cyberthreats are Constantly Evolving
One of the most challenging aspects of IT is that it is constantly evolving — and that goes double for the cybersecurity landscape. IT professionals and cybersecurity specialists must maintain a constant state of continuing education to keep up with the changes in their industries. This isn’t the kind of thing that business owners or C-level executives have time to do on their own. By working with an MSSP, a business can be sure that their defenses are evolving to meet the changing needs of the times.
What Services does an MSSP Provide?
The typical MSSP works as an extension of your business through consulting, planning, and project-based action or ongoing management. Cybersecurity must work in layers, and that means every business needs a tailored suite of solutions working together to completely protect their network and data.
Here are some of the Essential Services Offered by MSSPs:
- Offsite Backups and Recovery Plans
- Employee Awareness Training
- Next-Generation Firewall Protection
- Encryption Services
- Password Regulations
- Security Assessments
- Email & Web Filtering
- 24/7 Network Monitoring
- Offsite Backups and Recovery Plans
- Antivirus Services
- Breach Prevention Services
- Automated Updates
- Dark Web Scanning
- Multi-Factor Authentication
End User Awareness Training
In most of the recent high-profile security breach cases, the cause was employee negligence — usually initiated by a phishing email or SMS text message. Humans are almost always the weakest link in a security chain, which means the weakness must be addressed through training in threat awareness and avoidance.
According to a study reported by Tech Republic, 54% of the 1,000 IT professionals surveyed said poor password policies and the careless actions of employees were the root causes of cybersecurity incidents at their companies. More than 50% of the companies surveyed had experienced a ransomware attack in the past year, and 79% of those affected said the ransomware entered their system through a social engineering attack (such as phishing).
What are the other common culprits? Poor password maintenance, a lack of two-factor authentication, or having no password regulations in place at all.
While it’s important to strengthen your network, the human factor must be addressed for your security effort to be successful. MSSPs can be contracted to create a culture of security at your company. They’ll coach your employees to recognize common security threats like phishing emails and malicious links. They can even help you establish a password policy so that passwords are updated regularly and stronger company-wide.
24-7 Network Monitoring
Most organizations can’t afford a staff of in-house IT professionals to manage their network around the clock. Network Operations Center (NOC) monitoring is an important service provided by MSPs, typically to monitor for network outages, server overloads, and other errors by scanning critical network functions. MSSPs provide 24/7 Security Operations Center (SOC) monitoring to identify security issues, manage firewalls, scan for vulnerabilities, and provide intrusion protection and prevention.
MSSPs can monitor networks continuously via their own SOC or through specialized third-party providers. In the event of an issue or security threat, engineers at the MSSP are notified and act quickly to resolve problems. This type of active monitoring is the surest way to ensure data security and minimize downtime.
Emergency Backup and Recovery
Data backup is common at most companies and often required when regulatory compliance is a factor.
Offsite data protection ensures your data is secure and ready to be recovered in the event a system crash or internal error. It also ensures your data is protected in the event of a catastrophic natural disaster. Secure, reliable backups can also serve as a means to access and recover data in the event of a ransomware attack.
To combat growing security threats, modern organizations need a layered approach to security. This includes enterprise level antivirus software as well as anti-malware, Next-Generation Firewall Protection, intrusion detection and prevention, and well-trained employees. An MSSP provides all of these security layers as part of a package to your organization.
Don’t make the mistake of relying on consumer-grade antivirus software in a business environment. While many commercial antivirus solutions are fine for personal use, they do not offer all of the solutions needed when protecting a business. You should be able to manage and monitor all your devices from a single platform. Your antivirus software should receive automated updates and provide advanced protection beyond what is needed for personal use.
Email & Web Filtering
Email filtering helps to identify spam and phishing emails and delete or quarantine them before they can do harm. Most modern email platforms, such as Gmail or Office 365, have a built-in spam filter, but hackers have become very good at bypassing these filters. Since some spam will always make into your employees’ inboxes, scam or fraudulent emails will always be a threat to your business.
An MSSP can provide you with advanced layers of email filtering services along with training to help you identify harmful emails before they’re opened and clicked. The security tools provided by an MSSP can also help you filter out malicious websites when your employees are browsing online. To increase employee productivity, you can also use web filtering to block specific types of content such as online shopping sites, social media sites, and gaming sites.
A breach occurs when data is compromised and finds it way into the wrong hands. This can happen through network intrusion, through a malicious email link, or if someone downloads your data to physical storage and then uploads it to the dark web (like from a stolen device).
With so many ways for breaches to occur, cyber defense must move beyond the IT department and into your organization as a whole by fostering a culture of security. In addition to monitoring for attacks and unusual behavior, an MSSP can help you create this culture at your company through training, monitoring, and technical expertise. They’ll help you get control over who is accessing your data so you can stay proactive and prevent dangerous activity before it occurs.
Updates to your applications, software, and operating systems aren’t just to improve functionality. Many updates are sent to protect the software or device against a new type of threat or to patch vulnerabilities that have been recently discovered. These updates don’t always download and apply themselves automatically. They must be authorized by a user, or by an administrator. Too often, important updates are neglected because internal IT staff are overstretched or unsure of what an update will do to the system. Neglected updates quite frequently leave your system vulnerable.
An MSSP ensures that you’ll never have to worry about missing updates and making yourself vulnerable to avoidable threats. Part of their job is to find outdated software and provide automated updates and patching services so you’ll never need to go through your systems and apply updates manually.
As we mentioned, humans are usually the weakest link in a security chain. One way that is true is that people are often careless with creating and maintaining their passwords. When employees are responsible for creating and maintaining their own passwords, you can expect vulnerabilities. Employees will often use the same password for all their accounts, use passwords for years at a time, or they may use a very weak password like “12345,” “password,” or their name and birthdate.
Passwords like these are easy for password cracking programs to decipher. If the same password is used for multiple logins, it could give hackers access to your entire system as well as any software you use. Part of the issue is that too much of the burden is placed on individual employees, many of whom simply want to log in and get to work without having to deal with complicated passwords.
Without any guidance, they’re likely to pick a password that’s easy to remember and stick with it. An MSSP can help your company develop a strong password policy and implement password standards for all your employees. Password regulations, or password policies, govern how your employees create, manage, and use passwords. You may also benefit from using a password manager to help your employees keep track of their passwords. This may be necessary if they use several accounts throughout the day.
Data Encryption Services
Data encryption is important for businesses that must meet regulatory requirements, but every business should include encryption as part of their security strategy. The most comprehensive approach is usually to encrypt any and all data that may be passing through or coming from your business via email, your website, or the internet in general.
Encryption is about protecting data during transit so that theft by interception is nearly impossible. There are many forms of encryption including website, email, network, and hardware encryption. Encryption is becoming the new standard for many businesses. Most major email plat- forms either encrypt emails automatically or make it easy to encrypt emails yourself. At the beginning of 2017, Wired magazine reported that at least half of the web is now encrypted.⁵
Nonetheless, managing the encryption of your data can be difficult and time-consuming. An MSSP can provide your company with Encryption as a Service (EaaS) so you can focus on other tasks with the knowledge that your data is secure. They can also provide additional network layer encryption and hardware encryption.
Many organizations are bound by regulations and must have certain security measures in place in case they are audited, but any organization that handles important data should check their security status regularly. An MSSP can help you conduct such evaluations and asses your own security. It’s important to do this regularly, as time creates gaps in security that can make you vulnerable to new forms of attack. During a security assessment, an MSSP will look for common problems, including:
- Poor network architecture
- System configuration errors
- Data integrity and confidentiality
- Weak passwords and poor password regulation
- Missing system updates and patches
- Network vulnerabilities
An MSSP can provide an initial security assessment of your organization followed by periodic assessments to keep you secure.
Dark Web Scanning
The dark web is part of the internet that is hidden from conventional search engines like Google, and thus, doesn’t attract much legitimate traffic. It acts as a marketplace for stolen data and hosts many other illicit activities and illegal trades. When a system is breached, it’s common for cybercriminals and other bad actors to post data on the dark web for sale. An MSSP can provide you with dark web scanning to help identify any of your data for sale on the dark web, thus allowing you to minimize further damages.
Although the best protection is to protect your business from breaches in the first place, dark web scanning helps to mitigate damages. It also serves as a means to located stolen data that could have been originated before your current cybersecurity strategy was put into place.
Multifactor or Two-factor Authentication (2FA) has become almost essential, as it helps to offset the risks associated with weak passwords. While you should still focus on creating strong passwords and enforcing password policies at your company, you should also take into account the possibility that at least one of those passwords will eventually be compromised. Hackers can decode passwords using cracking programs, buy them from adjacent data breaches, or bypass them using phishing scams.
Once a password is revealed, it won’t matter how strong it is. If one email account is breached, it can be used to reset the passwords of other accounts or perform further spoof email attacks within the network.
In a two-factor authentication (2FA) system, an account holder must provide two separate pieces of information to access an account. This often takes the form of a primary password and a temporary, randomly generated PIN that is usually sent to the account holder’s smartphone via SMS or email.
This can also be accomplished through a specific device that generates a random PIN, token, or password which the account holder possesses. The second piece of information, or token, is secure because only the account holder has access to it. Additional layers of security can be put in place for extremely sensitive information. For example, you can add biometrics, such as a thumbprint, as a requirement for access. Such an approach offers three layers of protection: “something the user knows,” “something the user has,” and “something the user is.”
Who are we?
mPowered IT provides a full range of IT Support, including technical helpdesk, data backup and recovery, and strategic consulting to small and medium-sized businesses. We take cybersecurity very seriously and always go the extra mile in securing both ourselves and our clients from the latest cyber threats.
We work with many types of businesses throughout the area, and strive to eliminate IT issues before they become costly and frustrating. You can continue to drive your business forward while we make sure your technology is functional and secure. Our dedicated staff loves seeing our clients succeed.
Give those hours wasted on IT problems back to your staff and create a lasting impression on your clients through superior technology services and customer care. Give us a call at 678-389-6200 or visit our website to learn more.
Learn to Spot Phishing Email | Good Email Hygiene
Avoid the spread of ransomware by learning to avoid malicious emails. Most phishing attacks can be stopped with a little diligence and awareness. Don’t let one bad click bring down your company!
Can you spot…
…use of a trusted name?
…an almost legitimate sender address?
…a generic greeting?
…attempts to create urgency?
…a suspicious attachment?
…a malicious link?
…generally unprofessional look and feel?
Train for phishing awareness
WATCH FOR GENERIC CONTENT AND GREETINGS
Greetings like “Dear valued customer” or “Important client” are a bad sign. If you or your company isn’t identified by name at the beginning of the email, be suspicious.
NOTICE MISSPELLINGS, INCORRECT GRAMMAR, & ODD PHRASING
Phishing emails from other countries (which is the majority of them) often contain poor grammar and misspelled words.
URGENCY IS THEIR MOST POWERFUL TOOL
Scammers have known this for ages: if you make someone panic or hurry, it’s much easier to make them slip up.
MANUALLY CHECK ALL LINKS
Mouse over every link to check the URL you’ll be sent to. If you don’t know for sure that it’s safe, don’t take the chance.
EXAMINE THE SENDER’S EMAIL ADDRESS
Scammers use email addresses that look almost like legitimate email servers. Be wary of addresses like “@microsoft.custsupport.com” or “@ups-service.com”
ONLY INPUT DATA ON SECURE WEBSITES
Any webpage where you enter personal information should have a url beginning with https://.
For ways to protect your small business, call mPowered IT at 678-389-6200 or visit mpoweredit.com.
Cybersecurity is a complex subject, which makes many businesses hesitate to fully address it. Don’t be one of them.
The first step to understanding the importance of cybersecurity is to realize the number and type of current threats, the potential damages they can cause to your business, and the common mistakes that increase cyber risk.
1. It’s predicted that, by 2021, cybercrime will cost the world $6 trillion annually.
2. On average, a cyberattack is carried out every 39 seconds.
3. 1 in 323 emails sent to small businesses involve malicious links or a phishing attempt.
4. 95% of cybersecurity breaches can be traced back to human error.
5. The average cost of a data breach in 2021 will exceed $150 million.
6. 60% of small businesses that fall victim to a cyberattack go out of business within six months.
7. 56% of Americans are unsure how to respond in the event of a data breach.
8. On average, SMBs experience 8+ hours of downtime during a breach.
9. 62% of SMBs lack the in-house skills to handle cybersecurity.
10. 21% of business data folders are not encrypted or access controlled in any way.
Ransomware is still one of the most common threats to businesses in 2021. Typically spread through seemingly-harmless emails, ransomware can easily make its way into your network and lock access to your systems and data.
11. 63% of ransomware victims in 2019 were small businesses.
12. During 2019, in the US, ransomware infected 113 state and municipal governments and agencies, 764 healthcare providers, and 89 universities, colleges, and school districts.
DATA Backup and Disaster Recovery
Every business should have a data backup solution in place, regardless of size or industry. With technology playing such a huge role, the prospect of losing files or being denied access to your own systems is costly — and could be devastating.
13. Only 21% of SME companies have a full disaster recovery plan.
14. The average cost of downtime to a business is $5,600 per minute.
15. The most common causes of data loss are hardware/system failure (31%), human error (29%), and viruses, malware, or ransomware (29%).
16. A simple drive recovery can cost upwards of $7,500, and success is not guaranteed.
17. 58% of SMBs say they test their disaster recovery plan just once a year or less, while 33% say they test infrequently or never at all.
For ways to protect your small business, call mPowered IT at 678-389-6200 or visit mpoweredit.com.
Since 2016, there have been 855 cyber incidents publicly disclosed by U.S. schools and districts, according to data from the K–12 Cybersecurity Resource Center. There were 348 in 2019 alone, nearly three times the number in 2018. With the increased use of technology for teaching, learning and continuing school operations in today’s remote environment, schools have also become more vulnerable to cyberattacks.
PHISHING – The most common threat is social engineering attacks, which includes phishing. Phishing is a tactic scammers use to trick users into giving them confidential information such as passwords and network credentials or installing malicious software through fraudulent downloads or attachments. Campaigns run the gamut from impersonating government agencies asking for bank account information to issue stimulus checks to fake businesses pretending to sell personal protective equipment.
RANSOMEWARE ATTACKS – Ransomware attacks, which involve bad actors encrypting data files and systems through malicious software and requiring districts to pay a ransom to regain access, are also another huge threat to school districts. These attacks are particularly challenging in a remote environment because a lot of systems aren’t necessarily set up to be automatically patched once they’re off the network.
EXPLOITATION – Cyberattacks also exploit open Remote Desktop Protocol (RDP) ports and Server Message Block (SMB), a protocol used for file sharing and access to remote services, to spread malware like wildfire. Users accessing blocked websites has become a bigger challenge with everyone working remotely.
It’s not often that the technology fails. It’s individuals behaving in ways that put an organization at risk by not using a complex password, or showing reluctance to using multifactor authentication. Educating users is important, especially with looming budget cuts that may affect spending on security improvements such as firewall upgrades and higher-level endpoint protection. Training needs to be ongoing and should include everyone in a district.
Are you interested in learning more on how an MSP could help your organization stay safe? Give us a call at 678-389-6200 or visit mPoweredIT.com.
Sources: K–12 Cybersecurity Resource Center https://k12cybersecure.com/map/