Cybersecurity Strategies for Small Businesses

Author: Alexandre Palma
(Image Source: https://www.technews-bd.com/what-is-cyber-security/)

We are used to seeing cyber-attacks that damage, or try to damage, large companies, because that is where attackers focus. After all, large companies hold the most valuable information and can consequently pay greater rewards. That is why those responsible for micro, small and medium-sized enterprises (SMEs) tend to think they are too small for anyone to attack them, but they are very wrong.

With a lower level of cybersecurity than large enterprises, micro-enterprises and SMEs are constant targets. Attackers bet that smaller companies are less careful about security and that they underestimate the value of their business information. And they often bet well. In the USA, for example, six out of ten small businesses do not have a cybersecurity strategy. Result: they are already the target of 43% of the total cyber-attacks recorded in the country. Losses suffered through lack of computer security in micro-enterprises and SMEs amounted to 2,700 (according to the FBI’s Internet Crime Report).

There are several strategies to consider when putting together a cybersecurity plan.

When the company is struck, executives panic, because these are small-scale companies that often do not even have a clear strategy for these situations.

As has been shown several times, most recently in the Colonial Pipeline attack, heavy-handed actions taken to curb ransomware can have a damaging ripple effect. To contain the breach, operators shut down 5,500 miles of pipeline, which carries 45% of the east coast’s fuel supplies. This kind of disruption happens in many companies and is intolerable for small and midsize businesses. Not only is it potentially damaging to customer relationships and the wider reputation of the organization, but the cost can be enormous. To give an idea, the cost of recovering from a ransomware shutdown is often ten times the amount demanded in ransom by the attackers.

The paradigm must change as quickly as possible: small businesses should be increasingly concerned about their cybersecurity and be aware that they will increasingly be the target of the toughest attacks.

To plan an effective strategy for responding to attacks of this kind, you should take measures such as:

Monitor and Target: Once an attacker has gained a foothold within an organization, it is vital that the security team continuously monitor for abnormal behavior to detect the breadcrumbs of emerging attacks. There is always a period when the attacker has an initial foothold and is working out what moves to make next; this period can be used to a business’s advantage.

Create a culture of security: At the basis of any cybersecurity plan is risk awareness. In this sense, however small the company, it is vital that all its employees share the concern about threats and share the effort of preventing them. Raising the awareness of everyone in an organization about the specific risks that cyber-attacks pose to their activity is much more than a technical conversation about procedures – it’s a strategic issue. In this sense, it is vital to encourage all employees to report any suspected attack.

Information should be accessible only to the employees who need it for their activity, but everyone must be alert to the same signals. Be aware of issues as simple as giving due attention to attachments and links in emails of unknown origin, sharing SPAM detection solutions, or carefully guarding your passwords.

Always Expect a Breach: Companies should test their existing capabilities and have a plan of action for when the worst happens. They should consistently monitor whether existing mechanisms give enough warning and can hold threats at bay long enough for the company to act.

Check Your Supply Chain: Before they are faced with it, companies must take a proactive attitude toward the demand for payment made by hackers in exchange for safeguarding their data.

In situations of collaboration between companies in the supply chain, this issue can be even more critical since the density and complexity of the data are greater.

Two of the main recommendations in this regard stand out:

  • Careful analysis of suppliers and partners: questions about the origin and vulnerability of the software used, the management and protection of customer data, etc.
  • Action plan in case of emergency: prepare the actions to be taken in the worst-case scenario; if you cannot prevent an attack, enumerate the decisions to be made and identify whom to turn to.

These are just a few tips on how to deal with or guard against the worst in a cyberattack situation. Cybersecurity is already central to the development of a company; without it, there is the risk of everything going wrong and, in the worst case, of the company going bankrupt.