“I already have cybersecurity for my business; that won’t happen to me.”
If you’ve ever scanned a cyberattack headline and reassured yourself with these words,
you’re not alone. And in a perfect world, you’d also be right. But in today’s cybersecurity landscape—where even giants like Marriott and Experian, with their hefty security budgets and advanced technologies, are no match for hackers—the hard truth is that your current security measures likely aren’t enough.
And despite the headlines, large businesses aren’t the only ones susceptible to cyberattacks. Simply put, security isn’t always secure—and it doesn’t matter whether you’re a multinational corporation or a small business. (A recent Inc.com article even went so far as to say 60% of small businesses fail in their first six months because of cyberattacks, not a lack of funding or other traditional business obstacles.)
So what is your business to do? It’s time to get savvy about the cybersecurity misconceptions that could be making you susceptible to breaches, and reflect them in a comprehensive security strategy that meets the needs of today’s complex landscape.
Common cybersecurity assumptions
In one recent study, 73% of small businesses said they had inadequate defenses for cyber breaches. This despite the fact that security breaches are only becoming more serious, and more difficult to prevent, seemingly by the minute. But for every business that admits it’s no match for hackers, there are many more that fail to realize the gaps in their existing strategy—and the full range of threats that exist in today’s digital landscape.
The biggest risk to your organization is a complacent security strategy. Here are a few often overlooked risks to put on your radar today.
- Cybersnooping: You might have heard this term before, which essentially means the act of gaining unauthorized access to data belonging to another person or business. Contrary to popular belief, 43% of cyberattacks now target small businesses—and cybersnooping is no exception. Even if you think your business’ data or revenue figures are too insignificant to entice hackers out for ransom money, keep in mind that your details can still be lucrative if sold on the black market. All hackers need are someone who wants to buy your information.
Even if you think your business’ data or revenue figures are too insignificant to entice hackers out for ransom money, keep in mind that your details can still be lucrative if sold on the black market
- Using O365 to access other O365 users’ data: Cybercriminals know that the best way to get through Microsoft O365 detection systems is to become a Microsoft O365 user themselves. Why? Microsoft is very diligent about not letting outsiders in, but if you yourself use O365, you’ve already passed through many of its security checks. (Are you one of the world’s 120 million O365 users? Check out this article on O365, DaaS and security considerations for each)
- Missing firewalls: This one might sound simple, but you’d be surprised how many businesses don’t have firewalls in place. In the 2018 State of Firewall report, 94% of companies agreed that firewalls were more critical than ever, yet a significant percentage also said they struggled with aspects like rule complexity, policy compliance and audits.
- Hackable usernames, passwords and MFAs: In all too many cases, your passwords make you an easy target. More than 60% of data breaches are due to compromised passwords, 93% of which can be hacked in mere minutes. And if you think your multi-factor authentication is hack-proof, just ask Microsoft, which experienced an MFA meltdown of major proportions at the end of 2018. (Read our quick guide on creating complex passwords and learn more about the benefits of a password manager in your cybersecurity strategy.)
- The risks of investigating the dark web: How do you know what “they” know about you and your business on the dark web? With somewhere around 70% of web activity happening there—and about 800 active criminal internet forums worldwide—it’s tempting to go on a hunting expedition to see if your details are down there. However, that makes you an instant target, despite the many tools now available that claim to help you conduct dark web searches.
The value of an expert cybersecurity partner
In a landscape where hackers are smarter than ever, businesses are spending more than ever before on strategies that often fail to take a comprehensive approach. Even if you have an existing cybersecurity plan, it’s crucial to take a closer look at how you’re both preventing and defending against potential breaches. For many businesses, it’s challenging—if not impossible—to build robust cybersecurity skills in-house. A Gartner study found that only 65% of organizations have in-house cybersecurity experts.
At OBT, we’ve boiled down decades of expertise into a three-prong security approach that inspects, detects and protects organizations against security threats, all while building a security-minded culture that anticipate the needs of businesses today and in the future. If your business doesn’t have a cybersecurity plan, we’ll help you build it from the ground up. And if you already have one, our experts will ensure that it provides the protection you need for the biggest threats in cybersecurity—both the more obvious ones and those that are often overlooked.
Learn more about our comprehensive approach to cybersecurity and reach out to our team to see how you can achieve a strategy that safeguards your company’s competitive advantage today and into the future.