Protecting a business’s IT infrastructure and data can be
difficult with the abundance of threats out there, the array of new data
privacy regulations, and the many cybersecurity solutions to choose from. Even
today, far too many businesses still claim protection with just anti-virus and host
firewalls, when these measures are not enough to keep up with advanced threats.

Relying on only these prevention tools is shortsighted, especially as technology and
managed services have evolved to offer a full spectrum of protection. Unless
the business owner is an IT whiz and has time to devote to cybersecurity daily,
the task of determining what they truly need to be protected can get
overwhelming quickly.

To help connect the dots, this article likens business protection to home security
in an analogy that aims to simplify what every business, large and small, needs
to have in place to be truly protected.

Now, unless you are Kevin McCallister, the character from ‘Home Alone’ who can stay
ahead of the thieves’ every move while thwarting attacks with some wicked booby
traps, there is no way you are going to avoid the inevitable. Especially with
“kick-the-door-in” anti-virus and firewalls as your “protection”.

Anti-virus and firewalls are “…what the French call les incompetents.”

There are three ways to protect a home or business, and without all three in play,
you are not truly protected. These three critical areas are PREVENT, DETECT,
and RESPOND.

In ‘Home Alone’, the thief character, disguised as a trusted police officer,
enters easily to pull information directly from the unsuspecting homeowners.
His shtick is: “There’s always a lot of burglaries around the holidays…we just
want to be sure you are taking the proper precautions.” Mr. McCallister’s
reply?

“Oh yeah, well we have automatic timers for our lights, locks for our doors, that’s
about as well as anybody can do these days, right?”

When you think about home security, it is easy to relate to the prevent, detect, and
respond methods in action.

In this home security scenario those door locks and automatic lights = anti-virus
and firewall for a business. They may be under the prevent category, but what
about detect and respond? After the doors are kicked in, what’s stopping the
thief from robbing you blind (ransomware for businesses, stealing data, causing
you to lose business via network downtime), including priceless heirlooms that
can never be replaced (customer confidence and brand reputation)? If you value
your home and its contents, you can clearly see that door locks and motion
sensing exterior lights don’t do much to put you at ease.

Protect your business like you would your own home: “This is my house, I have to defend
it.”

Today, people go beyond the typical automatic lights and door locks to a fully
integrated security system that can prevent attacks, but also detect and
respond to even more than theft or unwelcome entry.

In all threat cases in a home with full security, responders are called to contain
the damage, investigate, and offer remediation.

The beauty of this full-spectrum security is that you don’t need to be home 24/7 to
catch it yourself. We recognize the risks we take without this full security in
our homes.

This is the same for businesses, only on a much grander scale, with threats coming
from a cyber angle and far too many to hunt and catch for a small IT team
that wears multiple hats and lacks a dedicated security analyst. It’s difficult
for SMBs to hire a team of highly skilled security analysts with the bandwidth
and expertise to perform continuous monitoring. It’s even harder to retain them
in the face of stiff competition for these scarce resources.

To top it off, small-to-medium size businesses (SMBs) are just as vulnerable as
large organizations, or more so. On average, each user at an SMB receives
nine malicious emails per month (Symantec ISTR), and 58% of malware attack
victims are small businesses (Verizon 2018 DBIR).

Due to tight budgets and a cybersecurity skill shortage, SMBs are partnering with
Security Information and Event Management (SIEM) vendors to tap expertise
without ceding control. Managed Service Providers (MSPs) are in an ideal
position to save the day for SMBs that could use the expert guidance and
pricing that meets their unique needs. SIEM is a reality for SMBs thanks to Vibrant9
MSP – EventTracker Essentials. According to Gartner, co-managed security
is on the rise and expected to grow five-fold by 2020.

Perfect prevention is not practical. EventTracker Essentials focuses on detection and
response to protect your business from advanced persistent threats that
regularly circumvent prevention mechanisms like firewall and anti-virus.

Cyber attacks don't discriminate by size or valuation, and small businesses are
growing as the favored target of attacks. The cost of doing nothing can be
greater than the cost of protecting your business.

Here are some important security questions to consider:

Are you assuming your perimeter defense is perfect? What if the attack gets past
your firewall and anti-virus?

Are you confident that every endpoint is always patched perfectly?

Are you confident that every user on your network is safe from phishing scams?

If an employee’s network login credentials are compromised, how would you know?

If you have a compromised O365 email account, how would you know?

If an IT Admin abused their privileges, how would you know?

How valuable is your sensitive company data? What risk do you face if it is lost or
held ransom?

What was the last security incident in your network? How was it found? Fixed? How
long had it been in the network? What were lessons learned?

When was your last audit? How easy was it to demonstrate compliance?

As Kevin said, do “You guys give up, or are you thirsty for more?”

Whipping paint cans at thieves or concocting an elaborate “fun house” to thwart the
enemy is not feasible at home or in business. Go beyond simple prevention
methods of the past with a true protection model that includes detect and
respond capabilities.