According to a report published by Datto on the state of channel ransomware which surveyed more than 1,400 MSPs around the world, it was found that more than 85% of all MSPs agreed that “ransomware was the most common malware threat to small to medium-sized businesses.”
We know, from our talks with small to medium-sized business owners that many of them feel they are “too small” for a cyber hacker to worry about hacking into their system. Their thinking should be the opposite. Because they are small or medium-sized, many cyber hackers know that they don’t have the resources or the knowledge to implement powerful methods of preventing a hacker from infiltrating their databases. It’s a fact that small to medium-sized businesses are an easy target and cyber hackers will go toward the low-hanging fruit when attempting a ransomware takeover.
Is your business safe from a cyber attack? How would you recover your data and protect your client’s data if a ransomware attack occurred in your business?
What are you willing to risk to not be as protected as you need to be?
Here are some of the findings of the Datto report:
- Business owners need to have a business continuity strategy in place. You may not be able to prevent ransomware, but what you can do is have a recovery plan in place. Even if you use antivirus programs, patch software when patches are released and have perimeter protection, you need to have a solid business continuity and disaster recovery (BCDR) plan solidly in place. A BCDR needs to be solid and dependable if your business has any hope of recovery.
- The front line of defense needs to be in place. You may not be able to keep cyberhackers out, but if you have front line defense you are opening the doors to a hacker. What tops the list of weak lines of defense? Lack of cybersecurity training for all staff, weak passwords, staff who don’t understand phishing scams or the signs of ransomware. Cybersecurity training needs to be mandatory and frequent to ensure your employees know what potential scams look like and what to do if they see a suspicious email. Business owners need to consider the human factor in all cyber security training.
- Layers of protection are crucial. Standard security solutions cannot block ransomware attacks. Cyber attacks come at your business in multiple ways. Hackers are persistent and if they’re thwarted in one area, they will attempt another. Your business needs to be multilayered in its security approach.
Above all, in order for a small to medium-sized business owner to protect the organization’s data, it needs to have a dedicated cybersecurity consultant on staff or on retainer to ensure business continuity. It is not enough to rely on a “tech person” to protect the business. IT experts and IT support staff have the skills and knowledge to keep the tech in the organization up and running, but they don’t have the singular focus that a business continuity and data recovery specialist does. Consider that downtime costs for a ransomware attack cost, on average, $200,000 in lost data and time and ask yourself again: How much are you willing to risk in your business?
I run an IT & Cyber Security Consultancy focusing on Business ContinuityDisaster Recovery (BCDR). We work professionals in many fields including legal and medical.
If you have security and business continuity and cybersecurity questions let me know. I am also filling up my calendar with guests on my Security Disciple Podcast. If you’d like to be a guest, please DM me @waregeeks, call (877) 653-7146, or email me firstname.lastname@example.org. www.waregeeks.com