The Consequences of a Cyberattack on SMBs

Nearly every company relies on the internet for its business operations, which means almost every company is at risk of a cyberattack. In last week’s blog post, we discussed why cybercriminals are targeting SMBs, but what are the consequences for an SMB of falling victim to a cyberattack or data breach?

Downtime

After a cyberattack, an SMB is likely to face significant downtime, which means its employees cannot do their jobs. While one can expect revenue to take a substantial hit from downtime, lost employee productivity is usually the most significant consequence: employers still have to pay their employees, deadlines may be missed, and downtime adds stress to the workforce.

The cost of downtime = minutes of downtime x cost per minute.

Damage to hardware

In the event of a cyberattack, malware infection, or data breach, not only is your data at risk; the incident can also damage your hardware, such as PCs and servers. Repairing or replacing that hardware can be very costly.

Fines and penalties

Legal and regulatory requirements seem to be constantly changing, which can be very overwhelming for a business owner. However, business owners must comply with these rules and regulations, and when they don’t, they are subject to fines and penalties.

Damage to reputation and loss of customers

When a company falls victim to a cyberattack, its customer data is often compromised, leading to a loss of customer trust, which in turn leads to customers taking their business elsewhere. Once the breach becomes public, it also hurts the company’s ability to attract and win new customers.

High costs

In the event of a cyberattack, an SMB is likely to experience downtime, damage to hardware, fines and penalties, damage to reputation and loss of customers, and more. Each of these consequences has its own cost, and sometimes the combined cost is enough to force a business to close its doors for good. Forbes states that the average cost of a single data breach on an SMB is $149,000. Additionally, 76% of SMBs have experienced a cyberattack in the last 12 months.

We’ve said it before, and we will say it again: It is no longer a question of if your business will be the target of a cyberattack, but when. Can you afford the consequences of a data breach?

Working with a Managed Service Provider can help you better secure your network and prevent cyberattacks from happening. To learn more about our managed services, visit our website or reach out to Sydney Ellison at sydneye@nowmicro.com.

Users: Your largest and weakest attack surface

October is Cyber Security month! Tell most admins and IT stakeholders that this month’s focus is security and you’re likely to receive a chuckle or an eye roll. They know the truth of the matter: our mindfulness of security can’t be limited to a single month.

It’s an ongoing process that literally never ends.

Who then is Cyber Security month for? I’ll give you a hint. They interface with your organization’s data, devices and services daily and often don’t regard security as their first or even third priority. You got it; Cyber Security month is all about making your users more aware of the threats your organization faces.  

We often spend a lot more time discussing our plans to harden servers, implement new identity security policies or protect our users’ credentials with MFA. Don’t get me wrong, those things are essential in today’s world, but it’s hard not to notice a gap in those strategies. That gap is the users.  

Most experts estimate that 70% – 90% of malicious breaches start with or include some form of social engineering. Our users are every organization’s largest attack surface and softest target. Bad actors know this and are increasingly aggressive and cunning in their attempts. Every user holds something a bad actor would like to get their hands on. 

Take a user who doesn’t need access to any data or systems but needs email to communicate. If that user leaks their credentials, the account can still be a treasure trove for a bad actor, whether as a global address list harvest or as intel derived from exfiltrated emails that lets them refine and target spear-phishing attempts. When we read about a large breach in the news, we often picture a group coordinating an attack to launch all at once, when it’s far more likely that the attack started very small and unfolded over time.

So how do we go about hardening our users? It would be nice if we could just apply a patch or update their firmware, but a more tactful approach is needed. We believe that process is three-pronged.

Communication

Your organization culture around communicating anything IT-related is very important and often overlooked. 

Simply making your users aware of the current threats and where to report them can go a long way toward thwarting social engineering. Be consistent with your communications. Set up a shared mailbox so that the multiple people crafting IT-related messages appear as one unified voice. Apply templates to your emails so the appearance is consistent. Be concise; too little or too much information can be harmful. Stick to the who, what, why, and how of the threat. Don’t forget to include where a user should go to report social engineering attempts.

Training

This can mean different things depending on the size of your organization. In smaller organizations, it may mean taking 10 minutes during a company meeting to show examples of social engineering attempts. In larger organizations, it may mean contracting a professional trainer to speak to individual business units or even training leaders in those units to talk about threats to their teams.

Attack Simulation

The benefits of a simulated penetration test against our networks are obvious, but we can also apply this approach to our users. An attack simulation targeting your users with social engineering or a fake malware payload will not only give your organization an idea of its vulnerabilities but is also one of the best ways to raise your users’ awareness. An attack simulation followed quickly by training and communication grabs your users’ attention far better than any of these components on its own.

How do I simulate attacks?

Just like network penetration testing, there are plenty of tools to help you launch attack simulations and parse the data you receive.

  • Microsoft 365 Defender P2 – If you happen to have Defender P2 or an M365/O365 A5/M5/E5 plan, you have a very robust set of tools for simulating attacks.
    • Choose from a wide variety of templated attacks that help target specific business units, just like a seasoned spear-phisherman.
    • Simulate malware payloads and malicious links with a variety of different delivery methods.
    • Automatically assign pre-built training modules to users who click malicious links or input their credentials.
    • Robust after-action reporting to help you know where to invest in training.
  • Now Micro Security Awareness Training – If you don’t have Microsoft licensing, you’re not out of luck: Now Micro has the tools to simulate attacks against your Microsoft or Google environments.
    • Phishing Security Tests
    • Automated Security Awareness Program
    • Security Hints & Tips
    • Automated Training Campaigns
    • Phish Alert Button (ability to report and delete phishing emails)
    • Phishing Reply Tracking (track whether a user replies to a simulated phishing email, and what information they send)
    • Industry Benchmarks
    • Monthly Email Exposure Check: monthly reports show which email addresses are exposed on the Internet and are a target for phishing attacks

Recognizing the growing need to protect all your endpoints, including your users, is our focus at Now Micro. If you have any questions or would like our help, visit our Managed Services page on our website.

Are you prepared for IT threats?

Many things cause a business owner to have nightmares — at the top of the list is a computer failure that stops operations in its tracks. Unfortunately, no company is immune to the threat of data failure. Recently, for retail giant Target, the fear became a reality as nearly every register in all stores throughout the United States went down.

Fortunately, the system outage only lasted two hours. But those two hours of downtime cost Target roughly $50 million in lost sales and caused its stock to drop by two percent. In reality, Target’s ability to go from a catastrophic outage to getting back online in such a short time is a huge accomplishment. With significant IT infrastructure in place to respond, the company could investigate the problem, determine that there had been no data breach, and reboot all systems to full operation quickly. For the company, confirming that no data had been compromised was vital: in 2013, a data breach affected 41 million customers and resulted in a legal settlement costing the company millions.

How you protect your data is critical to the success of your business — no matter your size. For a health organization, your data includes detailed medical and insurance information. Law offices hold endless client files and records, financial planners have high-level access to sensitive financial portfolios, and the list goes on. No matter the industry, data is critical. In many cases, data security requirements are heightened by legally mandated regulations like HIPAA and PCI.

Be Prepared

So, how do you protect your company from cybersecurity threats and data failure? Target spends hundreds of millions of dollars on this each year. The key is to find an affordable technology partner you can trust. As the Target event shows, data issues and cyberattacks don’t only happen during business hours. You have to be prepared to respond 24/7. At Now Micro, we make it a priority to be available when the need for help arises. Our service desk technicians answer the phone live 24 hours a day. But that is only a tiny piece of your cyber security response plan. Most of our work occurs before disaster strikes. We help ensure that you have the up-to-date systems needed to prevent an attack or data failure, and backups in place for when an attack does occur.

Your Industry Needs

Although all industries need comprehensive data and cybersecurity infrastructure, the needs vary depending on the types of data stored and industry-specific regulatory requirements. Here is a short list of how Now Micro customizes our services to serve the cybersecurity needs of different industries:

Manufacturing

We protect your intellectual property — the core of your ability to be profitable for the long term — and put in place processes to ensure the reliability of manufacturing operations.

Healthcare

HIPAA and other compliance requirements are critical in the healthcare industry. We address these needs, ensure brand protection and secure connectivity, and offer a unified security platform.

Small and Midsize Businesses

Each small and midsize business has its own unique needs, with expense management a key factor. Therefore, we provide affordable options, giving you access to the same level of expertise that large companies have at their disposal.

Retail

In a retail operation, the ability to continually process transactions without hiccups is critical. We help you ensure the reliability of your POS system while also assisting with compliance needs.

Law & Finance

Legal and financial institutions and advisors need to secure sensitive data and are subject to intense compliance regulations. We help ensure that all of these needs are met and that a backup system is in place to allow recovery in the event of a data attack or failure.

Ready to Serve

Information technology and cybersecurity are overwhelming topics, but they don’t have to be. Click here to learn more about our comprehensive IT and Cyber Security services. Give Now Micro a call today, and we can work together to define a plan that meets your needs so that you can relax knowing that your business is well cared for.