Many SMEs still have the impression that they are of no interest to cyber criminals. Nothing could be further from the truth. The number of ransomware attacks rose by 715 percent last year. In 71 percent of the cases, an SME was the victim. “Cybercrime has become a multi-billion dollar industry that requires high-quality measures,” says Job Kuijpers, founder and CEO of Eye Security. “Traditional measures such as firewalls and virus scanners are no longer sufficient.”
As an SME, you don't want to worry about the digital security of your organization. “Many companies do not employ an IT specialist, let alone have large budgets to spend on IT and security,” explains Kuijpers. “Yet as an SME you can affordably have the level of security that the large corporates also have.” The secret to this is that you have to turn to a specialist for your security. “Many IT suppliers offer their customers security, but cybercrime has grown into a multi-billion dollar business and defending yourself against digital attacks requires more and more expertise.”
Bringing in a specialist
And many regular IT partners lack that expertise; after all, you can't know everything about everything. “With a certain turnover, it is quite normal to arrange for a company lawyer or an accountant. Then it should also be very common to involve a security specialist in your organization when, for example, you depend on continuity, work with sensitive data or have a lot of customer data.” Kuijpers sees that many entrepreneurs rely on their IT supplier when it comes to security. Yet the traditional measures that IT suppliers often offer, such as firewalls and virus scanners, are no longer sufficient against the sophisticated attacks that cyber criminals carry out today. “See your IT supplier as a contractor who builds your house,” says Kuijpers. “If you then want to have good locks, security cameras and an alarm system, have that installed by a specialist. That's how it works with IT security too.”
Security is not expensive
The risk of fire in your business premises is one in eight thousand; the chance that you will be a victim of a cyber attack is one in eight. “A big misunderstanding in SMEs is that entrepreneurs think they are not interesting for cyber criminals. But many attacks are automated and not targeted at all. It's shooting with hail for those crooks, and your company could happen to be in that automated attack,” says Kuijpers. Organizations consider it normal to take measures to reduce the risk of fire, but this is not done enough in the digital field. “Entrepreneurs don't know where to start or think it's very expensive, but today security suppliers can offer high-quality protection for your company at a very reasonable rate, without lengthy implementation processes.”
Abnormal behavior on your network
To properly protect your organization, it is necessary to monitor the traffic on your workstations and cloud environment for suspicious behavior. “With firewalls, network detection and virus scanners, you actually build a thick wall around your organization, but – certainly in the past year – people are working more and more from home or remotely, so that thick wall makes little sense,” says Kuijpers. “Monitoring can be compared to a security camera. Cyber attacks are becoming more sophisticated and if a cyber criminal has already stolen an employee's login codes, he can enter your network undetected. The only way to detect that is when you see something or someone on a 'camera' that doesn't belong there. That is how it works with monitoring.” By analyzing a multitude of data sources, a security specialist can look for suspicious patterns and abnormal behavior on your network. In this way, your digital systems can be protected against external threats.
What can your IT supplier do?
Of course, Kuijpers also understands that many SME entrepreneurs like to work with one IT supplier and to have one point of contact. “In that case, it is important as an entrepreneur to make good agreements about what your IT supplier offers in the field of security, where the responsibilities lie and how action is taken in the event of an incident,” advises Kuijpers. “Start the conversation with your supplier.” SLAs are often agreed for the continuity of the IT systems, but an SLA for security is also part of this, says the founder of Eye Security. “Ask your IT supplier how he has set up the security of your systems and how actively the traffic on your workplaces and cloud environment is monitored. Make sure that they do not only offer network monitoring; in terms of technology, that is no longer sufficient to keep ransomware out. And, suppose an employee does click on a link, does your IT supplier intervene immediately or do you only receive a notification days later that something has happened? Also ask about the measures that are taken when a cyber attack or incident takes place.”
Finally, Kuijpers advises entrepreneurs to properly record their responsibilities and liability in the field of security. “There have been several lawsuits between customers and suppliers in this area. The results of those lawsuits show that this is an incredibly gray and unclear area. Make sure you make agreements and record them.” Especially when continuity is vital for your organization, you work with sensitive data or have a lot of customer data, extra steps are needed in the field of information security. “Get specialist help on time.”