TEC H N OLOGY
Small Business: Large Threat by: Joe Ezell
C
ybersecurity is an exciting concept, provoking thoughts of hackers and sometimes reminding people of their favorite movies such as Wargames (1983) and The Great Hack (2019). The reality is not as glamorous as movies depict. The internet and computing environments attract cybercriminals, with very real implications of lost time, money, data and privacy, all of which can equate to legal liability. Large businesses make the headlines with stories of ransomware incidents and demands for large sums of money, leading the public to believe they are more frequently targeted than small businesses (SMB). In actuality, large businesses usually have more funding and subsequently robust security infrastructure to prevent criminal attempts. SMBs often cannot boast the technological security resources and processes necessary to thwart cyber-attacks, making them prime targets for cybercrimes.
Attempting to list all of the threats could be overwhelming, but the top three are listed as follows: •
Social Engineering is probably the easiest and most common threat. It involves exploiting humans to convince them to divulge sensitive business information. Criminals pose as legitimate technical support members, or a vendor you often use in order to gather intelligence until they have enough to take action. The key to mitigating this is education: make your employees aware of social engineering, how to recognize it and how to avoid the threat.
•
Phishing is an attempt at data gathering. A criminal will attempt to gather your personal information through electronic means, such as an email with a legitimate looking link to a familiar website. Clicking the link will take you to a website that will ultimately collect and use your information asking you to update your personal information. Again, education is key here, but so is backing up your data in case of loss.
•
Ransomware is one of the leading cybercrimes to date. The object is to infiltrate your system, steal and encrypt your data and ransom it back to you, usually at a price lower than your insurance deductible. Keeping your data encrypted and having encrypted backups stored in a separate location from your network is one of the easiest ways to prevent catastrophic damage from a ransomware attack.
So, what is cyber and why do I need cybersecurity? According to Merriam-Webster, cyber is defined as, “of, relating to, or involving computers or computer networks”, making for a very broadly described term. Cybersecurity encompasses the protections utilized to secure your computer systems and data from potential loss. These safeguards can involve hardware and software components ranging from simple, low-cost firewall devices, to robust and costly tools, or even as the procedural efforts of risk analysis, employee training and industry best practices. Cybersecurity’s simple goal is to protect your assets and reduce the risk to your company from known threats. 20
BAY BIZ / WINTER 2024
