Jul 24 2023

Cybersecurity measures SMBs should implement

Category: cyber security | disc7 @ 8:32 am

Small and medium-sized businesses (SMBs) are targeted by cyberattackers as much as large companies, the 2023 Verizon Data Breach Investigations Report (DBIR) has revealed; here are some cybersecurity controls they should prioritize.

Company size does not matter to cyber attackers

SMBs often underestimate their appeal as a potential target. They assume they are “little fish” not worth the attackers’ effort and that their data holds little value. But that’s not true: their systems store sensitive information, including employee and customer data and financial information.

What’s more, they are often used to access systems at larger organizations (partners, customers or suppliers) – and as a recent Proofpoint study has shown, cybercriminals frequently target SMBs (especially through regional MSPs) as a means to breach larger agencies and organizations in the public and private sectors.

Unfortunately, SMBs typically allocate only a small fraction of their budget to strengthening their cybersecurity defenses, and are often ill-equipped to effectively combat cyber threats.

One critical factor exacerbating SMBs’ vulnerability is the shortage of dedicated security personnel; bigger organizations can offer bigger salaries to cybersecurity professionals and smaller companies can’t compete on that front.

With limited staff and expertise, SMBs face an uphill battle in defending themselves against sophisticated cyberattacks.

How can SMBs up their cybersecurity game?

But not all hope is lost.

First and foremost, the notion that cybersecurity is solely the responsibility of the IT department must be dispelled; every individual within an organization plays a vital role in minimizing the risk of cyber incidents.

The Verizon 2023 DBIR report outlines three essential cybersecurity controls that will help SMBs with limited IT and cybersecurity expertise thwart general, non-targeted attacks:

  • Security awareness and skills training – make sure employees have the skills and knowledge to minimize general cybersecurity risks.
  • Data recovery – create data recovery practices that can restore business assets to their original, trusted state in case of attack.
  • Access control management – create processes for creating, assigning, managing and revoking access credentials and privileges for user, administrator and service accounts for enterprise assets and software.

Once essential cyber hygiene has been achieved with those controls, and as a company moves closer to the larger end of the SMB scale with more resources available, it is time to add further security controls:

  • Incident response management – establish and sustain an incident response program for prompt attack response.
  • Application software security – identify and address vulnerabilities in internally developed, hosted, or acquired software to prevent potential harm to the company.
  • Penetration testing – test the efficacy and resilience of enterprise assets and implemented controls by simulating attackers’ actions.

“Now that you’ve already looked at the Controls and prioritized them, you know what you’re most likely to be hit with and you’re working your way through to the end—your ducks are almost all in a row. You have balanced preventive and detective capabilities and are on your way to being able to not only detect when something bad has happened but also respond quickly and appropriately. You have moved from the basics of putting your plan together to implementing a road map,” Verizon’s analysts pointed out.

“A few final things to consider at this point: Are you looking at aligning with a particular compliance framework? Do you track metrics around security in your environment? Do your efforts result in ongoing improvements to your security posture, or do they just provide a point-in-time snapshot that says, ‘I was good at this moment, but then things changed’? There is quite a bit you can do when you use good information about what is happening in your organization to steer your security strategy.”

The Essential Guide to Cybersecurity for SMBs


Tags: Cybersecurity for SMBs, The Essential Guide to Cybersecurity for SMBs


Aug 26 2022

How to Protect Your Small Business From Personalized Cyberattacks

Category: Cyber Attack | DISC @ 10:50 am

Small businesses (SMBs) are increasingly targets of cyberattacks and are often financially devastated by a single successful attack. Even with a significant network of security tools in place, SMBs can be caught off guard by the increasing number of attack methods threat actors choose to employ. However, with the following information, SMBs can safeguard their business and their employees from two common attack types: Executive impersonation and business email compromise (BEC).

One of the most crucial things to watch out for is executive impersonation, which can start with a spear phishing attack on a key member of the executive team. A successful initial attack leads to the compromise of the individual’s phone number or email account, providing a threat actor with not only a window into internal events but also a means to request funds transfers or commit other financial theft. Interestingly, once successful, the threat actor may also monitor the same executive’s social media accounts and wait until they are on vacation or out of the office before making first contact.

This is not directly part of the attack vector; however, it is an effective surveillance tool.

Identify Attacks

These types of phishing attacks are on the rise because they rely on human error rather than software or operating system vulnerabilities. Mistakes by well-intentioned employees are less preventable and predictable, but they can be identified and thwarted if recognized quickly. WMC Global recommends companies employ a service that monitors for active phishing attacks and for client interaction or compromise. Thus, when an employee in a business makes a mistake and visits a malicious site or provides credentials to a thief, the event can be identified quickly, and the company warned in real-time.

Securing Small Businesses Against BEC Attacks

When looking to secure small companies, the importance of employing BEC alerting also cannot be overlooked. According to the FBI, in 2021 small businesses lost upwards of $2.4 billion in email scams, including BEC attacks. Why are BEC attacks so successful? The threat actors do their research and are very selective about who they target. They complete full background profiles and potentially dox their targets as well. When employees fall for and submit credentials in these types of attacks, urgent action is needed to prevent damage and protect critical business systems.

So, how can small businesses protect their employees from these in both the short and long term?

1. Train Your Employees. Make sure to train employees about the signs of social engineering attacks at least quarterly. Emphasize identifying and avoiding phishing attacks sent not only to the business email but also via SMS phishing messages.
2. Develop Procedures for Critical Process. Ensure that your company has documented policies for making changes to key financial procedures, and especially external payments to suppliers and partners.
3. Test Your Employees. Run simulations to ensure that your employees can identify and report both phishing and social engineering attacks.
4. Keep Travel Plans Private. Key executives should avoid exposing personal travel plans on social media, especially on overseas trips. Threat actors will take advantage of difficult and limited communications in these situations to impersonate key business executives and make requests that are hard for the company to validate effectively – back to the need for the development of procedures for critical processes.
5. Continue Defense Measures. Leverage special intelligence that can identify if a business employee clicks on a malicious link or that urgently notifies the company when an employee’s email or credentials are recovered from an active phishing attack.

Guarding SMBs

It’s critical for small businesses to understand that they will always be vulnerable to cyberattacks, but the above measures can provide defense for companies from threats that lead to executive impersonation and business email compromise. Following these five tips, SMBs will be well guarded against any attacks launched against their organization. Staying vigilant can be a decision that ultimately liberates a small business from threat actors and marketplace attack trends.


Protecting small businesses against emerging and complex cyber-attacks


Tags: Cybersecurity for SMBs


Aug 07 2022

SMB’s cybersecurity solutions to remediate risk

Category: cyber security, Information Security, Security Tools | DISC @ 10:36 am

We have built cybersecurity solution sheets for our clients that we would like to share with you. They can be a useful resource when there is a need to remediate risk. They are in PDF format and can be downloaded.

Privacy guidance, audits, tools, training and software

Certification of individuals

Cybersecurity Solutions

NIST Gap Assessment Tool

ITGP comprehensive set of Toolkits

What are the differences between the 2013 and 2022 editions of ISO/IEC 27002?

You can choose the course based on your specific needs:

  • ISO 27001 Foundations course – you’ll learn about all of the standard’s requirements and the best practices for compliance.
  • ISO 27001 Internal Auditor course – besides the knowledge about the standard, you’ll also learn how to perform an internal audit in the company.
  • ISO 27001 Lead Auditor course – besides the knowledge about the standard, it also includes the training you need to become certified as a certification auditor.
  • ISO 27001 Lead Implementer course – besides the knowledge about the standard, it also includes the training you need to become an independent consultant for Information Security Management System implementation.

The online courses are suitable both for beginners and experienced professionals.

Learn at your preferred speed from any location at any time.

If you have any questions, feel free to send us an email to info@deurainfosec.com

Solution to Cyber Security

Tags: Cybersecurity for SMBs, Cybersecurity Solutions, remediate risk


Jan 11 2022

Small businesses are most vulnerable to growing cybersecurity threats

Category: Cyber Threats | DISC @ 10:50 am

While protecting digital resources may be easy for large companies that can afford to hire in-house cybersecurity staff and establish threat monitoring and endpoint detection infrastructure, this endeavor can often seem impossible for SMBs. All the while, the dangers for smaller businesses could not be more acute, especially since the businesses’ operators and employees are often uninformed about common cybersecurity threats.

By understanding the threats they face and implementing a few relatively low-effort but highly effective protection measures, SMBs can leap into the next phase of growth with their digital assets secured.

Unique threats to SMBs

The scope of cybersecurity threats to small companies is no less varied than the threats large multinational corporations face, but SMBs’ size and lack of infrastructure often leave them more vulnerable to targeted hacking schemes and threats. Hackers often opt for schemes that require less preparation and risk, and find easier targets in SMBs.

One major vulnerability is the disadvantage SMBs face because they often do not control every aspect of their supply chain. A bad actor can conduct a software supply chain hack, isolating smaller vendors and suppliers as weak points with little to no cybersecurity protection, forcing them to unwittingly pass on malware that can disable an entire chain of businesses. SMBs in the logistics and operations industries are particularly vulnerable targets since they are connected to many other companies and will likely be more willing to pay the ransom to quickly resume operations at 100% capacity.

In addition, an entirely new slew of cyber threats has cropped up along with the hybrid work model. In a rush to digitize at the start of the pandemic, many SMBs relied on single systems that they perceived to be safe, including migrating their files and processes to the cloud. They hoped that the cloud’s decentralized nature would prevent them from being victimized by cyber attackers. However, even cloud software providers can be infiltrated, as all it takes is one bug to create a vulnerability. Yet most SMBs fail to acknowledge the new vulnerabilities remote work creates and are now even more vulnerable since they are complacently conducting business through unsecured systems.

All these threats represent a growing danger to SMBs’ success – and some SMBs are more vulnerable than others. Many of the industries (e.g., agriculture) that never thought they would be targeted and therefore eschewed any type of basic cybersecurity are years behind in their cyber protection measures.


Regulations add another complication

Cybersecurity for Small and Midsize Businesses, by Marlon Bermudez

Tags: Cybersecurity for Small and Midsize Businesses, Cybersecurity for SMBs, SMB


May 03 2021

A battle cry for SMBs to address cybersecurity

Category: cyber security | DISC @ 7:33 am

If cybersecurity is a new concept for the business, first take the necessary steps to follow best practices, as set out by the NIST Cybersecurity Framework, as a minimum. Furthermore, to enhance the organisation’s overall security maturity, there are four key categories that need to be addressed: cyber strategy and risk, network security, endpoint security, and threat detection and response capabilities.

What is the current level of the cyber strategy and risk?

Small business owners are focused on running their business, with cybersecurity often a secondary concern. To begin with, businesses should seek consultation from industry experts to provide an assessment of the infrastructure and determine areas of concern. This will help the business plan, adapt and grow to stay competitive. It will also provide insight into how the business’s security measures stack up against its needs, both now and in the future.

An assessment by an external consultant can also examine whether the business is meeting compliance and regulatory requirements, which can be woven into the security strategy. This guidance not only helps to improve the overall security posture, but also saves costs in the long run.

The Essential Guide to Cybersecurity for SMBs

Tags: Cybersecurity for SMBs