The best strategies for small and medium businesses (SMBs) to minimize IT security costs require understanding three basic principles.

1. Data breaches at well-known enterprises like Target or Equifax account for most data breach headlines. However, SMBs are prime cyber-attack targets. Cybercriminals prey upon smaller businesses which do not have the IT resources or technical expertise that large enterprises do, leaving SMBs with just as much damage but with no chance of remediation.

2. Realize how employee negligence, criminal insiders, and stolen credentials are leading causes of data loss.

3. Appreciate how products and services which ensure IT security cost much less than security breaches.

The Ponemon Institute interviewed over 1,000 SMB IT leaders for their 2017 report, the State of Cybersecurity in Small and Medium Business. The research found that following cybersecurity incidents, companies spent an average of $1.2 million to remediate cyber-attacks. Business disruptions due to these breaches also added another $1.2 million to the cost of damages, often leaving SMBs with no other choice than to close their doors after an attack.

Here are six steps SMBs can take to improve their security posture and mitigate risk.

1. Prevent unauthorized access to business applications

A crucial best practice for protecting your data is to ensure the data security, privacy, and protection software you are using encrypts your data and isn't easily accessed outside of the organization. Keeping your data protected and encrypted is just one of the many ways to prevent a security breach within your organization.

2. Prevent data loss caused by internal employees

IT security isn’t only about preventing cyber-attacks. It also involves preventing data leaks caused by internal employees. In many cases, insiders have their login credentials stolen without their knowledge, and information theft goes on for months or years before being detected.

Businesses need to enforce proposed password changes and in-house security training to prevent such issues. Another solution is to adopt multi-factor authentication methods such as biometrics, encryption tokens, or email/social credential login to assist in the login process.

The Ponemon Institute study found that breaches due to internal employee negligence grew by 48 percent between 2016 and 2017.

The Ponemon Institute, State of Cybersecurity in Small and Medium Business 2017

In 2018, the Cisco Security Capabilities Benchmark report found that 29% of SMBs will pay under $100,000 to recover from a data breach. About 20% will have to pay between $1 million and $2.5 million.

The Cisco study additionally found that only 0.5% of employees purposely steal or sell company data. That can be enough to cause significant damage and cost when it happens. Accidental data leakage is common.

54% of those surveyed by the Ponemon Institute said a negligent employee or contractor caused the data loss event, compared to 48% in 2016.

The Ponemon Institute, State of Cybersecurity in Small and Medium Business 2017

Based on these statistics, businesses need to create and enforce employee security policies. Next, it is essential to find ways to identify rogue employees that don’t adhere to these rules.

3. Protect Against Ransomware, Social Engineering, and Phishing Attacks

Other significant and growing causes of security breaches for SMBs involve emails or social media messages. They trigger ransomware attacks or malware, or compromise privacy.

Cybercriminals often “spoof” email addresses in employees' email address books. They may send seemingly harmless messages which include links. When clicked, alerts appear which suggest servers and other devices are useless until a ransom is paid.

The Ponemon Institute survey found over half of those surveyed feel their business isn't a ransomware target.

The same number of respondents reported detecting ransomware messages though. 

A Verizon study found about 5% of malware events involved ransomware; however, a year later, that percentage was up to 45%.

Cyber threat assessments are an excellent way to determine the best line of defense against these attacks, which are continually evolving and becoming more sophisticated as technology progresses.

4. Be Vigilant About Distributed Denial of Service (DDoS) attacks

A Distributed Denial of Service (DDoS) breach is a coordinated attack by one or multiple hackers over-burdening a server with events and login requests until it crashes. These are often done using a team of hackers or one hacker utilizing bots. For some businesses such as law firms and retailers, business interruption is just as damaging as data loss.

Detecting an incoming DDoS attack can:

•    Prevent disruption of billable work

•    Safeguard customer satisfaction

•    Avoid business interruption

Monitoring inbound and outbound data transmissions can detect suspicious activity. It informs IT professionals when to divert traffic back out to the internet, and prevents service interruptions.

5. Conduct Regular Penetration and Vulnerability Testing

Many companies wait until after a security breach has taken place before contracting penetration tests or 24x7x365 vulnerability scanning. As the old saying goes, it’s not much help to shut the barn door after the cows have fled.

IT managers and CISOs need to identify gaps in their network perimeter before the hackers do.

“White hat hackers,” also known as good hackers, know what their black hat (criminal) counterparts look for when targeting SMBs. Having one on your team can eliminate security gaps, protect your reputation and avoid business disruption.

6. Define the Right Security Technology and Investment Fit for Your Business

Determining the right budget and scale for business technology is critical. There are a vast number of IT security hardware, software, and services options in the marketplace.

Contracting with an IT security services firm can help you identify a realistic budget for your long-term and short-term needs. Identify where managed services can take the place of expensive hardware or software.

SMBs with minimal internal IT resources can contract managed IT security services, which:

•    Update security safeguards with the latest protection defenses, often even against Zero-Day attacks

•    Where possible, shift security costs from capital purchases to operating budget subscription payments

•    End the need to staff IT security expertise in-house

IT analyst firm Gartner recently released their Magic Quadrant for Unified Threat Management. Instead of buying many security appliances for malware protection, web content filtering, and intrusion prevention, SMBs can implement a multi-function firewall which includes these defenses and more.

Need help defining the best IT security roadmap for your business, to safeguard your business information assets, help you meet regulatory requirements and mitigate risk? Contact ArmorPoint for an assessment of your information security needs.

About ArmorPoint

ArmorPoint is a security information and event management solution that provides a cost-effective and reliable way to continually protect your business from emerging threats. Through its customizable service pricing model, ArmorPoint’s cost-effective packages and dynamic levels of expert management support the security strategies of all companies, regardless of available budget, talent, or time. And since ArmorPoint offers 24/7 security support with a team of dedicated specialists, they can provide you with the manpower you need to expertly manage all of your cybersecurity initiatives. See how ArmorPoint can make a difference in your security posture with a risk-free 30-day free trial.