4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Using 2017's Examples to Maintain Network Security in the New Year

Using 2017's Examples to Maintain Network Security in the New Year

Network security is a crucial consideration for every single business, especially ones that utilize the Internet. There were a lot of negatives and some positives that came out of 2017 in regards to cybersecurity. Below we have listed some of the most troubling cybersecurity statistics collected in 2017, and we’ve followed it up with suggestions on how to keep your business safe in 2018.

Statistic for 2017: In the United States, 61% of small businesses experienced a cyberattack and 54% experienced a data breach that had severe financial consequences in 2017. This year saw phishing/social engineering scams out number web-based attacks for the first time. Phishing (or the attempt to use fraudulent emails that look legitimate to obtain sensitive information to exploit for financial gain), and social engineering (or the psychological manipulation that persuades others into offering personal information), make up about 48% of all cyberattacks.

SMB Action for 2018: One way to reduce the risk that your company will fall victim to phishing and social engineering to make sure that your employees are aware of up-to-date cybersecurity best practices and follow them at all times. Even something as simple as opening an email attachment can have a catastrophic impact on your business. Creating a Acceptable Use of Technology policy is a great way to make sure that your employees know what is expected of them when it comes to technology and your business.

Statistic for 2017: Despite that fact that many business owners feel like their employees and/or contractors would never do anything to cause data loss or put their network at risk, more than half (54%) of the data breaches for small business in 2017 came from employee/contractor negligence, up from just 48% the previous year. While negligence was at the top of the list of was followed closely by third party mistakes (43%) and errors in system or operating processes (34%). Surprisingly, however, nearly ⅓ of those companies who experienced a breach stated that their company could not determine what caused the incident.

SMB Action for 2018: Short of having a computer forensics unit on standby, businesses will need to improve their resilience by properly training their staff in, at the very least, the industry standard of protecting an organization’s network. Enforcing strict guidelines on how people access and interact with data will go a long way toward mitigating organizational risk. Employing the use of virtual private networks (VPNs) to encrypt remote access data flow provides a strong defense against the interception of data.

Organizations will also need to follow strict procedure to close any vulnerabilities they may have with software systems, or former employee, contractor, or vendor access to their network infrastructure. The more diligent organizations are in training staff, and enacting a fast-acting strategy against closing vulnerabilities, the better chance they have of coming through 2018 unscathed.

Statistic for 2017: One question that is frequently overlooked during most run-of-the-mill security surveys is what it is that small businesses believe to be the most likely target of cybercrime attacks on their business - and are therefore most likely to be protected by SMBs. According to the results of this survey, about 63% of small business owners felt that the theft of their customer records was of primary concern. Followed by the theft of their intellectual property at 48%.

SMB Action for 2018: Since the protection of all data depends on diligence, protecting customer records, intellectual property, as well as employee’s personal information and the organizational financials is really a large effort that has to be understood and performed by every single person in your organization. Companies today are constantly under threat and have to organize their security strategy to be both proactive and reactive. Hackers know what they’re looking for and designing a strategy and following through is the only way the modern organization is going to be able to protect itself 100% of the time.

Statistic for 2017: When it comes to detection and prevention, small business technology scored rather dismally. In fact, 61% of small businesses responded that the technologies currently in use by their organization could NOT detect and block most cyberattacks. For 2017, 66% of responding businesses said that they had already experienced exploits and malware attacks that had evaded the current intrusion detection systems, if they had any to speak of and 81% had attacks evade their anti-virus solutions.

SMB Action for 2018: Today’s RMM tools, firewalls, and antivirus programs are thorough, but are often not always updated in real time. Today it is important to depend on solutions that don’t keep you at risk long than you need to be. Companies will have to invest time and capital into defending themselves in 2018, just as they have had do to over the past several years. There is some real risk that relying on software alone will catch most of the threats, but only an actively monitored network is truly safe.

Statistic for 2017: When it comes to ransomware, the majority of small businesses that have not yet been victims of ransomware still believe that they are too insignificant in size to be targeted by cybercriminals. Less than 50% of small business respondents said that ransomware was a serious financial threat, were concerned that negligent employees put their company at risk, and felt that the prevention of these types of attacks were a priority.

ns ib 1

Of those SMBs that have been victims of one or more ransomware attacks, 51% that it was within the past twelve months or less. With 10% experiencing attacks in the past three months or less, 14% within 3 to 6 months, 18% within 6 to 12 months and 9% within 12 months or more. There were three predominant types of ransomware reported by those who were attacked. 39% were faced with encryption ransomware, 30% were faced with locker ransomware and 31% were faced with both.

SMB Action for 2018: Ransomware can be a business ruiner, period. In 2018, companies will have to come to grips with the new normal in which many different strands of ransomware will be available to hacker all over the world. Furthermore, companies will have to consider themselves the prime target for this type of threat. If over a third of businesses are exposed to some fashion of ransomware, expect that number to rise exponentially. It is a problem that has to be at the forefront of any organization's cybersecurity considerations in 2018.

Statistic for 2017: In one of the most concerning aspects of this extremely informative study, of those small businesses who were attacked more than 60% paid the ransom. The average ransom paid out was $2,157. Of the 40% who did not pay, they cited the following reasons for not paying: 67% said it was because they had a full backup and would not lose the data and 52% said they did not trust the criminals provide the decryption cypher upon payment.

SMB Action for 2018: First, it must be made clear that UNDER NO CIRCUMSTANCES SHOULD A SMALL BUSINESS PAY A RANSOM. Ransomware attacks are becoming less and less likely to return data after payment. In fact, many businesses are faced with multiple payments that culminate in data loss AND significant monetary damages. Small businesses can no longer afford not to have both a security solution that helps them keep ahead of the latest ransomware threats, as well as data backup solutions that will be there to fall back on in the event that ransomware does get the best of them. For those businesses who felt that they couldn’t afford to have a data recovery and network security solutions in the past are now finding that they can’t afford not to.

Statistic for 2017: It seems like each year, there are more government compliance and regulatory standards that small business technology is required to meet. For example, the Health Insurance Portability and Accountability Act (HIPAA) has made a lot of headlines over the past several years, demanding that healthcare facilities take certain precautions when it comes to the management of electronic health records. However, a surprising amount of small businesses have yet to experience government enforced standards for their industry. 41% of all small businesses say they do not have to comply with any type of standard or guideline.

ns ib 2

SMB Action for 2018: Network security cannot be thought of as optional. Just because your industry or business doesn’t fall under the umbrella of federal or state data security mandates, doesn’t mean that you should look at network security as unimportant. We’ve outlined through this article just how difficult sustaining a business is when you lose any data, let alone customer or vendor data. With 41% of surveyed companies not complying with even payment card index regulation, there is likely an opportunity for your organization to enhance its network security efforts. Hackers and social engineers aren’t becoming less prevalent, so the modern business should absolutely act accordingly. By aligning your organization’s network security policy with your organization’s computing strategies, you will go a long way toward mitigating risk, and keeping your data secure.

If 2017 taught us anything, it’s that everyone has to be cognizant of the treats of conducting business in the connected world. By being protective and really focusing on protecting yourself and your organization from software vulnerabilities, hackers, social engineering, and the many other threats we all face, you will be able to conduct business as usual; which, is all you can ask for with the exorbitant amount of situation that threaten the sustainability of your business.

For more information about these statistics or strategies to keep your organization from become just another victim, call 4IT’s IT professionals today at 305-278-7100.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 22 January 2018
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

Qr Code

Tag Cloud

security Tip of the Week Technology Cloud Privacy Best Practices Microsoft software Internet Business Computing Backup Hackers Productivity Hosted Solutions Business Management Managed Service Provider Google Malware IT Services Business Efficiency IT Support Windows Disaster Recovery Innovation Business Continuity Hardware Workplace Tips VoIP Computer User Tips Saving Money Mobile Devices Virtualization Upgrade Windows 10 Miscellaneous Network Security Mobile Device Management Data Server Email Mobile Computing communications Alert Communication Network Save Money Microsoft Office Quick Tips Smartphone Small Business Social Media BYOD Going Green Mobile Office Information Technology Smartphones Android Health Office Apps Managed IT Services Outsourced IT Application Ransomware Operating System Browser Chrome Gadgets Mobility Disaster Tablet Holiday Firewall The Internet of Things Productivity Avoiding Downtime WiFi Managed IT Cybersecurity Cybercrime Data Recovery Search Telephone Systems Risk Management History Data Backup Remote Computing Unified Threat Management IT Solutions Best Practice Data Management Spam Passwords BDR Vendor Management Marketing Employer-Employee Relationship Budget VPN Automation Remote Monitoring Facebook Hacking Apple Hard Drives Saving Time Hosted Solution User Error Computers Collaboration Money Recovery Phone System Wireless Technology iPhone Customer Relationship Management Office Tips Big Data Content Filtering Law Enforcement Phishing Proactive IT Password Vulnerability Telephony Lithium-ion battery Humor Administration Wearable Technology Current Events Maintenance PowerPoint Virus Printer USB Antivirus Shortcut Analytics Encryption Work/Life Balance Social Router Gmail Bring Your Own Device Government Office 365 Social Engineering Cost Management Intranet Politics Personal Information Point of Sale Bandwidth IT COnsultant Printer Server Private Cloud Computer Repair Laptop OneNote Wireless Unsupported Software Education Cloud Computing Trending Google Drive Net Neutrality Save Time SaaS Data Security Audit Users HaaS Tech Support Data Protection Windows 8 Business Intelligence Outlook App Meetings Network Congestion online currency Applications Windows 10 Help Desk hacker Instant Messaging Emails Transportation HIPAA Entertainment Computer Care Battery Robot Benefits DDoS Computer Accessories Efficency Redundancy Data Storage Automobile Mouse Compliance End of Support Social Networking Internet Exlporer Two-factor Authentication Managing Stress Display Excel Internet of Things Identity Theft Augmented Reality Solid State Drive Paperless Office Flexibility Sports Travel Fax Server Update Customer Service Workplace Samsung Biometrics Streaming Media Retail Wi-Fi Artificial Intelligence Virtual Reality Emergency IT Support Uninterrupted Power Supply Consultant Google Maps Twitter Colocation The Blindside Of Commerce IT consulting Company Culture Regulation Black Market Surge Protector Access Human Resources Running Cable Touchscreen Software as a Service Television 3D Printing IT Security Reliable Computing Cleaning Sync Data Loss Nokia Experience iOS Avoid Downtime Bloatware Keyboard Managed IT Service ISP Adobe Managed IT Services Google Docs Music Computer Fan Hiring/Firing Programming Licensing Blogging Data storage Branding Distributed Denial of Service Microsoft Excel Books Dark Web Video Games Smart Technology Screen Mirroring WIndows 7 Website Document Management eWaste Storage File Sharing Inbound Marketing Data Breach Advertising Cast Legal Regulations OneDrive Mobile Device Windows 10s Hard Drive Touchpad systems Value Amazon Managed Security Nanotechnology Scam Co-managed IT Cameras User Tablets Uograde Hard Disk Drive Images Science hack Root Cause Analysis Employer Employee Relationship HBO Lifestyle Virtual Desktop Presentation Best Available NFL Ebay Worker Commute best practices Operating Sysytem Bluetooth PDF IT Technicians Cortana Computing CrashOverride IT Management Scalability Files Word data breach SharePoint Text Messaging Legislation Safety Settings WIndows Server 2008 How To Wiring Chromecast Upgrades Windows Ink Information risk management Teamwork Busines Continuity Training Patch Management Debate Administrator Networking Near Field Communication Specifications Updates Conferencing Shadow IT Microsoft Word Relocation Gifts Gift Giving Device Security Webinar Devices Credit Cards Spyware Mobile IT solutions FAQ Professional Services IT service Microblogging Youtube Charger Taxes Domains Sales Wireless Charging Supercomputer Managed Service Provder Electronic Medical Records Webinar WannaCry IT Budget Buisness Evernote Tutorial Reputation Comparison Workers