“You don’t have to run faster than the bear to get away. You just have to run faster than the guy next to you.” – Jim Butcher
There is a horrible truth in cybersecurity: you do not need to be unhackable — you only need to be more expensive or difficult to hack than other, similar organizations. If you are a small or medium business (SMB), you can get a huge leg up on your peers by simply adhering to well-understood best practices and using an IT services firm that can implement them.
How can you use this knowledge to your advantage with cybersecurity? If you understand what motivates a hacker*, you can put together a reasonable plan that will deter cybercriminals and keep you, and your customers, patients, or clients safe.
You do not need to be unhackable–you only need to be more expensive or difficult to hack than other, similar organizations.
The Hacker Mindset
There are a variety of hacker motivations, but generally small and medium businesses will be affected by cybercriminals, who are looking for money. One objection we often hear when discussing the need to keep IT systems safe is, “I’m a small business in a small town. I don’t have anything worth stealing.” Unfortunately, this is untrue. On the black market, your Netflix account is worth $3 to someone. Access to your corporate email is worth $500. Your driver’s licence? $20. Medical records? $1,000! Everything you have and everything you are has value to someone.
Not all threats are external. Some of the most dangerous cyber criminals are former colleagues or employees who were given inappropriate access to sensitive information, and for whatever reason, use that against their former employer.
Your Best Defence
All the ideas for how to defend yourself are out in the public domain and you only need an IT firm with the know-how to execute them. If you apply best practices, as put forth in the SANS Institute’s Critical Security Controls, NIST Cybersecurity Framework, or the NSA’s Top 10 Cybersecurity Mitigation Strategies, you will be off to a great start. Your best defence is good cyber-hygiene.
How does this simple concept make you less of a target for cybercrime? It slows criminals down. It makes it difficult for them to get what they want, and if you make it just hard enough that it does not have a high return for their effort, they will move on. A lot of small businesses think they cannot afford cybersecurity, so they leave everything wide open and become the actual biggest target for cybercriminals, all the while thinking they are too small to be noticed.
If you have data that belong to anyone else, including your staff, you have an obligation to protect them. If you fail in that obligation it could cost you actual dollars out the door, it could cause downtime, it could damage your reputation, or in the worst case, it could make you the target of litigation (which includes all of the above).
If you want the benefits of a proven solution for SMB budgets, are responsible for a small or medium office of around four staff or more and are interested to know how FTL Computing can help, please get in touch by any of the means on our contact page. We look forward to talking to you soon.
* We distinguish a hacker from a cybercriminal in that a hacker is anyone who attempts to gain unauthorized access to a computer system for any reason, which may include legitimate testing, whereas a cybercriminal is someone looking to monetize some aspect of that access.