Wrenching Winds Wrecking Worried Worlds

Another day, another successful hack. It’s an unfortunate state of our modern day. From criminal syndicates to nation state actors, organizations of all sizes are being targeted for cyberattacks. Unlike days of old, where it was common knowledge that bank robbers robbed local banks rather than Fort Knox — and therefore local banks needed to build secure facilities to hold money — today, many small organizations believe that they are too small to be of any interest to malicious cyber actors and therefore only fleetingly concern themselves with their businesses’ cyber hygiene. According to The Atlantic, “…small businesses — even some that have had security breaches — have done very little…”  

Unfortunately, even small businesses are now targets in their own right, especially for ransomware and business email compromise. Small and medium-sized businesses can also be targeted as gateways to larger companies — they may be part of the larger company’s (and the primary target’s) supply chain. 

Recently, due to the SolarWinds hack, the world has been reminded of the method of malicious cyber actors going after a small vendor down the vendor chain to attack a larger entity, or in this case up to 18,000 entities. While this attack in all likelihood came from a nation state, it is important for small businesses to understand that, like lions in the wild, cyberattackers go after the most vulnerable and least protected. So, what can you do as a small business to harden your cyber defenses? Here are three easy things:

  1. Head on over to GCA’s free Cybersecurity Toolkit for Small Business and use the tools within it to provide you with both the guidance and ability to enact needed cybersecurity remedies. 
  2. Train your employees in cybersecurity fundamentals, because according to Verizon, in 2019 one third of all successful cyberattacks involved phishing, which means that employees’ actions allowed for 33% of all successful cyberattacks.  
  3. Constantly and consistently patch your systems and create an approval process for employees to install new programs on their computers (which is something that is also included in GCA’s free Cybersecurity Toolkit for Small Business). 

The author, Joshua Lawton-Belous, is the Global Business Officer for the Global Cyber Alliance. You can connect with him on LinkedIn and follow him on Twitter.