Answer this question: What is the worst thing that could happen, that would put me out of business? Often, I am working with small business owners who really have no idea where to start when it comes to developing a cybersecurity program. A really easy way to start is to prepare for the worst. Have you thought about which two or three cyber attacks would cause the most damage?
Is it an insider threat? An employee who is helping themselves to proprietary information, plans, processes, patents, or a customer database, or who could be booby-trapping servers, could be devastating. This risk can be reduced by setting access controls, requiring passwords to log into resources, and following the principle of least privilege. Least privilege says an employee only has access to what they need to do their job, not the entire shared file store. Auditing your event logs for unusual access activity is another good solution. None of these cost a lot of money; most are free to use, aside from the time it takes to set up.
What about an email account hijack of the owner or a senior manager? What the FBI calls business email compromise (BEC) is one of the top crimes in terms of dollars lost by targeted businesses. Checking your email accounts for unusual access from distant locations is one way to catch this. Most BEC happens through phishing email exploits. The easiest way to prevent BEC from happening in the first place is through training your staff, and the CEO too, to detect phishing emails.
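One way to automate the check for access from distant locations, shown here as an added example that is not part of the original post: it compares each sign-in with the previous one for the same account and flags pairs that would require faster-than-airliner travel. The record layout, the sample sign-ins, and the 900 km/h threshold are assumptions; real sign-in logs exported from your email provider would first need to be mapped to coordinates.

```python
import math
from datetime import datetime

# Constructed sample sign-ins (not real data): account, UTC time, latitude, longitude
SIGNINS = [
    ("owner@example.com", "2024-03-04T14:02:00", 44.98, -93.27),    # Minneapolis
    ("owner@example.com", "2024-03-04T15:10:00", 44.95, -93.09),    # St. Paul
    ("owner@example.com", "2024-03-04T16:30:00", 6.52, 3.38),       # Lagos
    ("manager@example.com", "2024-03-04T09:00:00", 41.88, -87.63),  # Chicago
    ("manager@example.com", "2024-03-05T09:00:00", 40.71, -74.01),  # New York
]

MAX_KMH = 900  # assumed threshold: roughly airliner cruising speed

def distance_km(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance between two points, in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def flag_distant_signins(records, max_kmh=MAX_KMH):
    """Return (account, time, km, km/h) for sign-ins implying impossible travel."""
    alerts = []
    last = {}  # account -> (time, lat, lon) of that account's previous sign-in
    for account, ts, lat, lon in sorted(records, key=lambda r: (r[0], r[1])):
        when = datetime.fromisoformat(ts)
        if account in last:
            prev_when, plat, plon = last[account]
            km = distance_km(plat, plon, lat, lon)
            # Floor the gap at one minute so simultaneous sign-ins never divide by zero
            hours = max((when - prev_when).total_seconds() / 3600, 1 / 60)
            if km / hours > max_kmh:
                alerts.append((account, ts, round(km), round(km / hours)))
        last[account] = (when, lat, lon)
    return alerts

if __name__ == "__main__":
    for alert in flag_distant_signins(SIGNINS):
        print("Review sign-in:", alert)
```

A flagged sign-in is a prompt to review, not proof of compromise: VPNs and mobile carriers can make a legitimate user appear far from where they are.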
Or what would happen if a banking Trojan allowed a bad actor to clean out your bank accounts? Most banking Trojans show up as an email attachment, and right now, Adobe PDF files, Word DOCX files, and Excel XLSX files are commonly used attachments, because it is easy to hide exploit code in these attachments. Again, education goes a long way toward prevention. But using all the email filtering methods that are available to your company is also an important step. Getting your email through Google Business or Microsoft Office365? Make sure to enable email filtering for your email domain.
Maybe they hijack your web server or website for crypto-mining, or install malware on your homepage that infects site visitors, or use your website to host a phishing exploit landing page. What happens then? This can create a real reputation problem for your business. Secure your web server and website with strong passwords and non-obvious administrative user names. Is your administrative account named “Admin”? You'd better change it. Installing web server anti-malware scanners or security plug-ins can go a long way to solving these problems.
Finding solutions for these issues, and putting plans in place that would mitigate the damage, goes a long way to creating a cybersecurity plan that would eliminate a lot of other risks at the same time. And don’t neglect the basics, such as end-point anti-malware and a good network firewall. Follow these tips and your security plan will be in place in no time.
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com