Small and Medium Businesses Need to Improve Their Cybersecurity Post COVID-19 Lockdown

BullGuard | June 09, 2020

  • Given the sheer quantity of SMBs, their cybersecurity directly affects local resiliency in the face of cyber threats, SMBs must embrace their importance and scale up their cybersecurity appropriately.

  • Published research showing that one third of small and medium businesses (SMBs) use free, consumer-grade cybersecurity tools .

  • The government and major financial services players alike tout the digitization of SMBs. Increased use of information technology and digital assets offer companies new sources.


COVID-19 showed the world that widespread business failure affects communities. When businesses fail, business owners and workers can suffer heightened mental health issues and economic insecurity. Business failure increases the demand on local government for public assistance for unemployment benefits, small business loans, and more. Businesses that survive have fewer customers, and customers have fewer dollars to spend. As a result, more businesses fail. As more businesses fail, more people suffer. Alternatively, business success strengthens communities. Thriving businesses encouraging the creation of community identify and get involved in local events.


They contribute to their localities’ long-term economic growth by increasing the tax base, providing local jobs and products, building infrastructure, and encouraging competition. The government and major financial services players alike tout the digitization of SMBs. Increased use of information technology and digital assets offer companies new sources of revenue and growth, which companies desperately need in the midst of the current economic collapse. Even as digitization increases, 66 percent of small-business senior decision makers believe that cyber-attacks will not affect them. However, 67 percent of businesses suffered a cyber-attack in 2019.



Read more: CISA RELEASES FIRST OF ITS SERIES OF SIX CYBERSECURITY ESSENTIALS TOOLKITS

Finding online resources to boost cybersecurity is easy. Plenty of private companies publish lists of best practices. On its website, the Small Business Administration offers free access to planning tools, business assessments.

~ Business Administration


Since the beginning of the COVID-19 pandemic, one in seven SMBs have experienced a cyber-attack. Due to their general absence of awareness regarding best cybersecurity practices and their indifference toward the problem, small businesses have insufficient personnel dedicated to protecting their networks and their digital assets. Their staff lack necessary technical skills, and they do not have the budgets required to acquire or purchase adequate protection. The result is a self-defeating cycle. A small business hit by a cyber-attack can fail, like the California-based Efficient Services Escrow Group, which closed and laid off all employees following a cyber heist.


When businesses fail, their employees lose their jobs and no longer have enough money to purchase goods and services from other small businesses. Those businesses lose money as a result, and their owners, stressed about their economic prospects and already apathetic toward the importance of prioritizing cybersecurity, spend less on network and digital asset protection. The lack of proper spending and prioritization leads to worse cybersecurity practices, which in turn open the door to more cyber-attacks and more business failure.


As SMBs prioritize their time and spending during the long process of reopening, they need to take advantage of these free tools and take their cybersecurity at least one step further.


Cyber resiliency is the ability to anticipate cyber-attacks or stresses on digital and cyber resources, withstand them, and recover from them. As cyber-attacks on SMBs systematically weaken local communities, they lose their ability to withstand and recover. This strains public resources. Taxes comprise the largest source of revenue for local governments, but when businesses fail, their tax dollars dry up. Local governments, already lacking requisite cybersecurity resources, lose their ability to secure themselves and their communities. Failure is not inevitable. SMBs can take steps to increase their cyber resilience and boost their chances of success. Owners should lead by example and pay attention to their employees’ online habits.


They can demonstrate good cyber hygiene and teach their employees to do the same. Owners should identify business-critical assets and data to prioritize their protection. They should be proactive, rather than reactive, when planning protection against cyber-attacks. Finding online resources to boost cybersecurity is easy. Plenty of private companies publish lists of best practices. On its website, the Small Business Administration offers free access to planning tools, business assessments, cyber hygiene vulnerability scanning, and best practices. As SMBs prioritize their time and spending during the long process of reopening, they need to take advantage of these free tools and take their cybersecurity at least one step further.


Read more: REDSCAN WARNS OF AN INFLUX OF CYBERATTACKS WHEN BUSINESSES RETURN TO THE OFFICE

Spotlight

This white paper, with expert insights from the American Foundation for the Blind (AFB ), discusses federal legislation for document and web accessibility, recent ADA litigation case studies, the challenges related to complying with accessibility legislation and solutions for overcoming these challenges to deliver an inclusionary, quality customer experience.

Spotlight

This white paper, with expert insights from the American Foundation for the Blind (AFB ), discusses federal legislation for document and web accessibility, recent ADA litigation case studies, the challenges related to complying with accessibility legislation and solutions for overcoming these challenges to deliver an inclusionary, quality customer experience.

Related News

DATA SECURITY

Morphisec Announces New Incident Response Services as Enterprise Attacks Escalate

Morphisec | August 16, 2021

Morphisec, a leader in cloud-delivered endpoint and server security solutions, today announced the launch of its new incident response services at HIMSS21. The service will help organizations across the healthcare industry, and various other markets, identify, contain, and report on security incidents in progress while validating or verifying the lack of a breach. Morphisec adds this service at a time when a flood of cyber threats have placed businesses under increasing pressure, making incident response necessary for industries like healthcare and manufacturing that need to be operational 24/7. In fact, Morphisec’s Consumer Healthcare Cybersecurity Threat Index found earlier this year that 1 in 5 Americans had a healthcare provider affected by cyberattacks over the last twelve months. Morphisec’s new IR services aims to assist these organizations with containing in-progress incidents, reducing damage, providing recommendations for long-term risk reduction, and auditing critical infrastructure to ensure the lowest possible risk exposure to a cyberattack. The company's highly experienced and on-demand IR team will be led under the direct supervision of the CTO’s office. “In this worsening threat landscape, it’s vital that all businesses have access to the expertise they need to keep their business up and running in the event of a breach -- even if they lack dedicated security professionals,” said Michael Gorelik, Morphisec’s CTO and head of incident response. “Morphisec’s incident response services help every organization under attack to quickly contain the incident, ensure business continuity, and minimize direct and indirect losses. With extensive experience in security incident investigation, companies are in good hands with our talented IR team who will go above and beyond to help them protect their assets from backdoors and persistent malware.” Morphisec’s incident response services will leverage the company’s zero trust at runtime solution to quickly pinpoint and contain threats, promising immediate results before forensic activities are even finalized. Responders will also educate businesses on the root cause of the incident and, in turn, the required corrective actions to improve their current tools and processes. Forensic collection and investigation of affected assets, including the building of an activity timeline, supplying indicators of compromise (IOCs), scoping the impact, mapping of exfiltrated IP, and more Malware analysis: In-depth analysis of a given malware, backdoor, or fileless code, to identify the potential impact Working around the clock during the investigation, with availability whenever we’re needed The option to develop customized scripts to minimize follow-up impact “As cyberattackers continue to target our critical industries such as healthcare, we’re proud to offer this crucial service to organizations who simply cannot afford downtime,” added Gorelik. “Morphisec's impressive suite of cloud-delivered endpoint and server security solutions are already protecting our customers across 8 million endpoints, and the addition of our new incident response service adds a vital layer to triage critical security incidents and reduce the risk of attack for the future.” About Morphisec Morphisec is the world leader in providing advanced security solutions for midsize to small enterprises around the globe. The company’s security products simplify and automatically block modern attacks from the endpoint to the cloud. Unlike traditional security solutions relying on human intervention, Morphisec delivers operationally simple, proactive prevention. This approach protects businesses around the globe with limited security resources and training from the most dangerous and sophisticated cyber attacks.

Read More

DATA SECURITY

The Cybersecurity Skills Gap is Resolved by Battleship's New Mentoring Program

businesswire | March 01, 2021

Tutors are presently a tick away for current and hopeful network safety experts. Ship looks to upset network protection proficient improvement by explaining profession ways and separating boundaries to section and progression through virtual, organized, coaching programs. "We are confronting an intense abilities emergency in the worldwide online protection labor force, which has been exacerbated by COVID-19," says Awat Ilkani, Battleship's CEO. "Network safety is a rapidly advancing, youthful field, and exhaustive vocation advancement and arranging assets are inadequate. Existing experts are worn out and battling to design next vocation steps, prompting high wearing down rates, while hopeful experts face foundational issues like muddled section focuses and gatekeeping, leaving them unfit to enter the field," he proceeded. War vessel accepts that oversaw tutoring will give the profession improvement and arranging support that is at present missing and at last, help connect the network safety abilities hole. Established in Raleigh, NC in 2019, Battleship offers a product as-a-administration (SaaS), membership model to interface protégés with coaches. A large part of the interaction incorporates screening and onboarding possible tutors, who should have in any event 5-years of network safety experience, and consolidating prescient innovation with hand-coordinating to locate an incredible protégé/coach fit.

Read More

DATA SECURITY

AaDya Security Partners with EclecticIQ to Deliver Next Generation Endpoint Protection to Small and Midsize Businesses

AaDya Security | November 20, 2021

Detroit-based AaDya Security announced today that the company has partnered with EclecticIQ, a leading global provider of cyber threat intelligence, hunting and response technology and services, to offer its innovative endpoint detection and response (EDR) technology to customers of AaDya's all-in-one cybersecurity platform. Built specifically for small and midsize business customers, AaDya's platform is the first to offer six pillars of protection in a unified platform. The solution is powered by Judy, a unique AI and machine learning agent that works on the back-end to ensure each of the pillars (single sign-on, password management, endpoint detection and response, threat detection and automated remediation, anti-phishing, and compliance mapping) work in tandem to provide a seamless experience for both the end-user and platform administrators. AaDya this year also launched a successful channel partner program to offer its solution to managed IT and security service providers and value-added resellers who recognize the benefits of the unified platform for themselves and their clients. "Judy was built by our engineers to deliver a full suite of enterprise-grade security tools in one simple, accessible, and affordable platform,We are thrilled about our partnership with EclecticIQ, which aligns perfectly with our mission to provide small and midsize business customers access to the same security as their larger counterparts at a fraction of the cost. Their EDR solution hits all the marks in that it is light enough for our customers to implement and manage without having to compromise on security. Combined with the fact we were able to work with the EclecticIQ team to fully integrate the solution with Judy's capabilities made our decision to partner with them an easy one." Raffaele Mautone, CEO and founder of AaDya "AaDya built their solution with the understanding that security should not be a barrier to productivity," said Julie Cullivan, a veteran cybersecurity executive and AaDya board member. "The fact that many current security solutions are complicated and cumbersome to deploy has caused many SMB organizations to go unprotected. EclecticIQ's EDR technology was the perfect fit at the perfect time, allowing AaDya to expedite getting their endpoint solution pillar to market at a critical time for many small businesses as they face more cyber-risk and are being forced to meet the latest compliance requirements. I look forward to watching the partnership between these two innovative cybersecurity companies make a significant impact." With many recent high-profile attacks and a renewed focus on security at all levels of the Nation's value chain, across all verticals and businesses of all sizes, timing has never been more critical to provide accessible and reliable protection against ubiquitous attacks like ransomware and phishing to a market segment that has traditionally been an afterthought for the big players in cybersecurity. EclecticIQ, founded in 2014, is a leading cybersecurity company which is pioneering the intelligence-led analyst-centric platform that helps MSSPs, enterprises and governments to manage threat intelligence, hunting, detection and response. EclecticIQ Endpoint Response is a full-featured, flexible and embeddable endpoint detection and response (EDR) solution designed for integration into existing security stacks. It ensures kernel-driven reliability to capture events in real-time on Windows, macOS, and Linux endpoints using the unique endpoint telemetry plugin supported by open source osquery-based agent. It is easily integrated into existing toolsets and workflows via a straightforward REST API which leverages configuration, notifications, scheduled queries, and ad hoc queries for faster time to detection and response. And it installs in minutes, so this low-cost, low-footprint multifaceted solution enables faster mitigation of endpoint attacks. "When we understood the potential of AaDya's Judy platform, it became obvious that EclecticIQ's highly embeddable EDR would make it both more powerful and more extensible for further market-specific innovation," said Sridhar Jayanthi, senior vice president, endpoint security, EclecticIQ. "The fact that AaDya could significantly accelerate their endpoint goals with EclecticIQ's proven technology makes this an ideal partnership." About AaDya Security Headquartered in Detroit, Michigan, AaDya Security provides smart, simple, effective and affordable cybersecurity software solutions for small and midsize businesses. Our all-in-one cybersecurity platform, powered by Judy, an interactive AI virtual assistant, provides enterprise-grade, 24/7 protection and support for companies who lack the time, expertise and capital to successfully implement these solutions on their own. About EclecticIQ EclecticIQ is a global provider of threat intelligence, hunting and response technology and services. Stay ahead of rapidly evolving threats and outmaneuver your adversaries by embedding Intelligence at the core™ of your cyberdefenses. We operate worldwide with offices and teams across Europe and UK, North America, India and via value-add partners.

Read More