December 13, 2022

Is your organization prepared for cyberattacks? Here’s how to get ready.

By Amy Gardner

Businesses of all types are facing an increasingly challenging prospect when it comes to cybersecurity. Bad actors don’t discriminate, placing small and mid-sized businesses (SMBs) in just as much danger as large companies. Not only do SMBs offer threat actors a prime hunting ground for sensitive data and potential ransom payments, but many also serve as exploitable conduits into the networks of larger businesses as key components in the supply chain.

It’s critical that businesses of every size are ready for cybersecurity trouble. However, it can be a challenge to figure out how to prepare for it, especially for budget-conscious SMBs. Taking a look at the biggest cyberthreats that businesses face and affordable ways to take precautions against them can offer organizations insight into building the strongest possible defense.

Half of businesses will fall victim to a cyberattack or security breach

The cybersecurity climate for businesses has been steadily heating up. About half of the businesses that we surveyed for the Kaseya Security Insights Report 2022 told our researchers that they have been the victim of a successful cyberattack or security breach (49%). Digging deeper, one in five of our survey respondents said that their organization had experienced at least one successful cyberattack or security breach in the past 12 months. These alarming statistics illustrate the pressure that businesses and the IT professionals who secure them are under in today’s turbulent cybersecurity landscape, and that pressure won’t be letting up anytime soon.

“Businesses are facing a constantly escalating cyber threat level and they’ll continue to do so for the foreseeable future, with new groups of threat actors and more sophisticated attacks continuing to emerge,” says Jason Manar, Chief Information Security Officer (CISO) for Kaseya.

Prepare to face four major threats

SMBs face danger from a wide variety of cyber threats, but a few standouts are the most common. Phishing and email fraud, which includes cyberattacks like Business Email Compromise (BEC), is the top security threat to businesses today, with 55% of our survey respondents naming it as the biggest security challenge that their organizations face. Ransomware takes second place, the top threat for just under one-quarter (23%) of our survey respondents. Also on the list are password compromise (15%) and Account Takeover (6%).

Falling victim to any cyberattack can cost a business a fortune. The effects of a successful cyberattack on a business include lost revenue, reputation damage, downtime and wasted productivity, not to mention the high cost of mounting an incident response and recovery effort. About two-thirds of our survey respondents (63%) said that if their companies experienced a cyberattack like ransomware, while they would likely recover from the incident, they would likely lose data and incur expensive downtime. By taking a few smart steps, businesses can minimize the impact of a cyberattack or prevent one from landing altogether.

Every business needs an incident response plan

One of the top defensive tools that cybersecurity experts recommend for businesses is to create and test an incident response plan. U.S. National Institute of Standards and Technology (NIST) Special Publication 800-61 Rev. 2 Computer Security Incident Handling Guide is essential for anyone preparing an incident response plan. Incident response planning offers businesses another benefit too: it’s a valuable tool for preventing an incident from happening in the first place. Incident response planning gives businesses insight into where they might have security gaps or need better tools in their defensive buildout, reducing the chance that the company will experience an incident at all. Businesses should formalize a plan and run tabletop exercises to test their plan to ensure that they’ve covered everything.

“Knowing what to do and who to call in case of a cyberattack is the foundation of responding to that cyberattack quickly to limit the damage,” said Manar. “Without an incident response plan, the stress and pressure of the situation can lead to expensive mistakes.”

Get expert help detecting and mitigating threats

Cyber threats are constantly evolving and growing more complex as bad actors seek ways to get around cybersecurity safeguards. That makes them tricky for a company’s security team to detect. Accurate threat detection depends on solid threat intelligence and an expert eye to analyze it. A security operations center (SOC) is often a necessary tool for handling these tasks. However, finding and hiring the experts that a business needs to form a SOC can be difficult and cost-prohibitive for SMBs. Managed SOC or Managed Detection and Response (MDR) is the solution to that dilemma.

Managed SOC offers businesses an easy and affordable way to put a team of security experts to work for them without expanding their payroll or building expensive infrastructure. Ideally, it should provide around-the-clock protection with real-time threat detection across three critical attack vectors: endpoint, network and cloud. Businesses gain access to a nerve center staffed by security pros that can hunt, triage, alert and work with their security team at critical moments, like when a threat is discovered or if they experience a cyberattack.

What can you do if the worst does happen?

In the United States, the Federal Bureau of Investigation (FBI) is the lead federal agency for investigating cyber attacks and intrusions. The Bureau has specially trained cyber squads in each of its 56 field offices that can help businesses handle a network intrusion, data breach or ransomware attack. A business experiencing one of those problems should contact its nearest FBI field office or report it at tips.fbi.gov. The FBI Internet Crime Complaint Center (IC3) provides businesses with advice on what to do if they fall victim to cybercrime or a cyberattack, including a breakdown of what information the FBI will request when tapped for help. Other federal agencies and many state governments and non-profits also offer assistance to businesses that fall victim to cybercrime.

“Don’t wait to call the authorities for help if your company is hit by a cyberattack – the sooner you start the process, the more you’ll benefit from the help they can give you to resolve the situation,” advises Manar, a former FBI Cyber Supervisory Special Agent.

Invest in affordable cybersecurity safeguards

In addition to incident response planning and partnering with a managed SOC, there are other budget-friendly safeguards a business can put in place to efficiently and effectively protect it from cyberattacks, including these tools:

Identity and Access Management (IAM) – Prevent intrusions via stolen, phished or compromised credentials by requiring proof of identity with IAM tools including two-factor authentication (2FA) or multifactor authentication (MFA). Microsoft says that this kind of technology alone can foil up to 99% of account-based cyberattacks.

Security Awareness Training – Transform employees from security liabilities into security assets with training that teaches them to identify cyber threats and handle data safely. Phishing simulations also help employees become savvy about spotting and avoiding cybercriminal traps.

Email Security – Investing in the best email security available is a smart decision since most of today’s nastiest cyberattacks like ransomware and BEC are email-based. Solutions that use AI and automation catch more threats than traditional email security or a Secure Email Gateway (SEG).

Backup and Recovery – Backing up a company’s data is a smart decision, especially in the ransomware era. Companies have several options to do it, like using an on-premises backup server. In today’s cloud-based world, cloud-based backup is the ideal choice for frictionless backup and easy recovery of a company’s data if needed.

Dark Web Monitoring – This defensive tool provides companies with 24/7/365 monitoring of business and personal credentials, including domains, IP addresses and email addresses, alerting the company’s IT team if any of that sensitive information appears in a dark web market, forum or data dump. This helps eliminate dark web risk exposure from password reuse, a common problem for businesses.

Endpoint Detection and Response (EDR) – EDR detects threats that evade other defenses so that you can quickly respond before damage is done. EDR relieves security team pressure with alerts that are mapped to the MITRE ATT&CK framework to provide context and clarity, reducing the security expertise required to respond effectively.

Get ready now for future cybersecurity challenges

Businesses should continue to expect to navigate a difficult security climate going forward. Recently, supply chain risk has become a major security concern, and that risk is escalating. More than half of the organizations that we surveyed (67%) told us that they conduct ongoing dark web monitoring for their suppliers’ domains as well as their own in order to combat supply chain risk. Smart organizations are also conducting frequent security awareness training to mitigate risks caused by phishing or employee behavior like mishandling data. Four-fifths of our survey respondents said that they regularly engage in security awareness training for all employees.

A strong commitment to cybersecurity is a foundational element of any modern company’s success, and it will only grow more important as the world continues its digital transformation. But mounting a solid defense against cyberattacks doesn’t have to break the bank. By taking sensible, affordable precautions like getting expert security advice, investing in quality security solutions and engaging in incident response planning, businesses can ensure that they’re ready for the cybersecurity challenges that they will experience today and tomorrow.
