In a press release from the White House on March 22, 2022, the President states:
“ I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook. Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”
He further explains:
“If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year. You have the power, the capacity, and the responsibility to strengthen the cybersecurity and resilience of the critical services and technologies on which Americans rely. We need everyone to do their part to meet one of the defining threats of our time — your vigilance and urgency today can prevent or mitigate attacks tomorrow.”
Regardless of your political affiliation cyber attacks have been growing exponentially and are predicted to grow even faster in 2022. Cyber attacks are often agnostic, they are not targeting a specific size, type, affiliation, or industry type. Cyber attackers are usually focused on one thing and that is success. The goal of small businesses is to not be the soft target. Cyber attackers often use tactics that try to access thousands of companies and are only successful against the ones with the least amount of cyber protection.
So, what can you do to ensure you aren’t a soft target?
- Use 2FA/MFA on all your accounts. Two factor authentication is the best way to protect your accounts from malicious access.
- The #1 security threat to any business is…YOU! Like it or not, over 90% of all security breaches in business are due to an employee clicking, downloading or opening a file or entering their credentials. We recommend that every employee that uses a computer completes our annual cyber security training to help educate them on the tactics used by these malicious actors
- Use complex and different passwords for all your web accounts. We recommend using a password management tool that can assist using complex passwords for each website or account you have
- Make sure you are using a business grade firewall/router. You can use an ISP provided router to protect your network from cyber attackers.
- Have an Excellent backup. Make sure you have daily offsite backups ready for any situation.
- Work with a MSP to ensure your accounts are monitored. We have seen malicious actors pull off complex schemes to steal $100,000s of dollars because they had gained access to an account and were able to read the emails for months before acting. Does malicious actor have access to your account right now? You probably would tell me no, but do you know?
- Protect all devices that have access to company data. If your employees are working from home, are they doing so on company protected devices? Home devices on home networks can be a huge security risk if they are not configured correctly.
Do you have an MSP you work with? If so, check in with them. If not, get one. You can’t run a business anymore without professionals managing your technology. The old adage of “A Man Who Is His Own Lawyer Has A Fool for a Client” now can be related to technology. You can’t do it yourself, your brother’s neighbor’s kid who is good at Halo can’t do it either. Bob in sales who is interested in technology can’t do it either. You need an MSP with the knowledge, the tools, the monitoring, and the experience to keep your business secure. Doesn’t have to be u