5 Cybersecurity Tactics to Deploy in 2020

5 Cybersecurity Tactics to Deploy in 2020

As we wrap up another year, there’s no better time than now to reevaluate your business’s cybersecurity strategy. Over the past decade, cyber attacks have become increasingly common — and it’s not just large companies that are being targeted. Statistics show over half of all cyber attacks involve small businesses. To safeguard your business from cyber attacks in 2020, consider the five following tips.

#1) Use a Firewall

A firewall is arguably one of the most important tools to protect against cyber attacks. Not to be confused with anti-virus software, it’s designed to monitor, as well as filter, incoming and outgoing traffic. If the firewall detects suspicious activity, it will block the traffic so that it doesn’t harm your business’s information technology (IT) infrastructure.

#2) Update, Update, Update

In addition to using a firewall, updating all your business’s software apps to the latest version will lower the risk of a cyber attack. Hackers often use vulnerabilities in outdated software to infiltrate networks and devices. If your computer or device is running an outdated version of its operating system, for example, a hacker could infiltrate your computer or device by exploiting a vulnerability in the operating system.

#3) Use Two-Factor Authentication

When given the option, use two-factor authentication for your business’s password-protected accounts. What is two-factor authentication? Basically, it’s an extra layer of security that’s applied to a password-protected account. When enabled, you’ll have to enter your password while also providing an additional method of authentication, such as a PIN.

#4) Create Backups

It’s always a good idea to create regular backups. While backing up your business’s data won’t necessarily protect it from cyber attacks, it will mitigate the damage if an attack occurs. If you have a backup of your business’s data, you can restore it in the event of a cyber attack. Whether it’s ransomware or crypto-mining malware, creating regular backups will allow you to get your business’s IT infrastructure up and running with minimal downtime.

#5) Train Employees

Assuming your business has employees, you should train them on how to spot potential cyber threats as well as how to respond to cyber threats. Far too many business owners neglect to train their employees on the fundamentals of cybersecurity. As a result, they unknowingly expose their business’s IT infrastructure to common threats like malware and phishing scams. By training your business’s employees on how to spot and respond to cyber threats, you can rest assured knowing that your business’s IT infrastructure is better protected.

What Is Grayware?

What Is Grayware?

Is your small business’s information technology (IT) infrastructure vulnerable to grayware? While not as harmful as conventional malware, grayware can still pose various risks. Among other things, it can slow down infected devices, track users’ activities and trigger annoying pop-up ads. To better protect against your small business against grayware, though, you must first understand the basics of this cyber threat and how it works.

The Basics of Grayware

Grayware consists of unwanted apps and software that aren’t necessarily malicious but can cause performance issues, as well as security risks, when left unaddressed.

Malware, of course, is characterized by its malicious intent. Depending on the type of malware, an infection may have crippling effects that restricts access to some of all of your files. Grayware, on the other hand, is a less-concerning type of cyber threat that doesn’t have malicious intent. Instead, it simply causes performances issues while potentially opening the doors to other security risks.

Common types of grayware include the following:

  • Spyware
  • Adware
  • Unwanted remote access tools

What’s the Purpose of Grayware?

Grayware is typically deployed by businesses and marketers for monetary gain. As previously mentioned, spyware and adware are two common types of grayware. Spyware is apps and software that spy on a target victim’s activities. If one of your small business’s computers is infected with spyware, it may track the websites you visit on that computer.

Adware, on the other hand, is designed to deploy ads on the infected computer. The business or marketer behind the adware attack typically earns revenue for either ad impressions or clicks.

Signs and Symptoms of a Grayware Infection

How do you know if one of your small business’s computers has been infected with grayware? For starters, you’ll probably notice performance issues, the most notable being longer-than-average load times when running legitimate programs

While grayware isn’t necessarily the same as malware, it can still be identified using anti-virus software. Most types of anti-virus software are designed to scan for grayware. By scanning your small business’s computers and devices on a regular basis, you can spot grayware in the early stages of deployment.

If a computer is infected with adware, you’ll likely notice pop-up ads when using it. The pop-ups will likely only occur if or when the computer is connected to the internet. They’ll display as boxes over your web browser, thereby restricting your productivity when using the infected computer.

Exploring the True Cost of a Data Breach

Exploring the True Cost of a Data Breach

What safeguards does your small business have in place to protect against data breaches? Data breaches can strike all types of businesses, regardless of their size or industry. While damage varies depending on a variety of factors, data breaches are almost always costly. So, what’s the true cost of a data breach for small businesses?

Lower Productivity

If your small business suffers a data breach, you may find yourself spending more time trying to clean up the breach, resulting in a lower level of productivity. When a data breach occurs, you must act fast to assess the damage and notify the affected parties. Whether a dozen people were affected or 10,000, you must notify them of the incidence. As a result, a data breach can lower your productivity.

IT Downtime

In many cases, a data breach can force a small business to take its information technology (IT) infrastructure online. If the breach as related to a cyber attack, such as a database intrusion, a small business may take down his or her business’s IT infrastructure to find and fix the exploit.

Of course, IT downtime itself can be costly. According to a study conducted by Gartner, outages cost businesses an average of $5,600 per minute. Based on these figures, a 60-minute outage could cost your small business over $330,000 — and that’s just one of several costs associated with data breaches. Your small business will likely encounter other costs, each of which adds to the total damage caused by a data breach.

Credit Monitoring Services

You may need to provide the affected parties with credit monitoring services. There are laws in the United States requiring businesses to provide their customers or clients with free credit monitoring services if their data is used or accessed by an unauthorized individual or entity.

If your small business experiences a small data breach, purchasing credit monitoring services for the affected parties shouldn’t be too expensive. For large data breaches involving thousands of people, though, the cost of credit monitoring services can quickly add up.

Replacement Credit and Debit Cards

Some banks require businesses to pay for the replacement of credit and debit cards. If your small business’s database was breached and a hacker was able to access your customers’ credit card numbers, for example, you might have to purchase replacement cards for the affected customers.

Nearly $4 Million

The Ponemon Institute says that businesses, on average, spend $3.86 million to recover from a data breach. As a small business owner, you should implement the necessary safeguards to protect against data breach. Otherwise, you could be facing similar costs when attempting to recover from a data breach.

What Is the DREAD Cybersecurity Model?

What Is the DREAD Cybersecurity Model?

Have you heard of the DREAD cybersecurity risk assessment model? Originally pioneered by Microsoft, it’s used to assess the severity of threats using a scaled rating system. From small businesses to Fortune 500 companies and even militaries, the DREAD model has become an increasingly common tool used to protect against cyber threats. So, what is the DREAD model exactly?

Overview of the DREAD Model

The DREAD model is a form of quantitative risk analysis that involves rating the severity of a cyber threat. When you encounter a cyber threat in your business’s information technology (IT) infrastructure, you can use the DREAD model to determine how much damage it has already caused and can cause in the future. You must assess various key points of the cyber threat while assigning a numbered rating to each of these points. When finished, you can then compare the total rating to that of the DREAD model’s rating system, which should reveal whether the cyber threat has a low, medium or high risk to your business.

The 5 Key Points of the DREAD Model

When using the DREAD model to assess the severity of a cyber threat, you must scrutinize five key points. As you go through these key points, you should assign a rating of either one, two or three. A rating of one indicates a low risk. A rating of two indicating a moderate risk. A rating of three indicates a high risk.

  1. Damage: What’s the total amount of damage the cyber threat is capable of causing your business?
  2. Reproducibility: How easily can other hackers replicate the cyber threat?
  3. Exploitability: How much time and energy is required to exploit the threat and, thus, perform a cyber attack against your business?
  4. Affected Users: How many people, either inside or outside of your business, will be affected by the cyber threat?
  5. Discoverability: Can you easily discover the cyber threat?

Breaking Down the Numbers

As previously mentioned, the DREAD model requires to assign a rating of one to three to each of the five key points. Therefore, any given cyber threat should have a total rating of five to 15.

The DREAD model says that cyber threats with a rating of five to seven are considered a low risk, while cyber threats with a rating of eight to 11 are medium risk. If a cyber threat has a rating of 12 to 15, on the other hand, it’s considered a high risk.

How Screen Locker Ransomware Works

How Screen Locker Ransomware Works

Ransomware has quickly become one of the most common cyber threats plaguing businesses’ information technology (IT) infrastructures. Statistics show, in fact, that ransomware accounts for roughly 15% of all cybersecurity-related insurance claims. While there are different types of ransomware, however, screen lockers are particularly common. If you run a small business, you should take precautions to protect your IT infrastructure from screen locker ransomware.

What Is Screen Locker Ransomware?

Screen locker ransomware is a form of malware that restricts login or file access while demanding payment to lift the restriction. It’s typically deployed at the operating system (OS) level, meaning you won’t be able to use an infected computer or device. When attempting to log in or power up the computer or device, screen locker ransomware will display a pop-up demanding payment.

With screen locker ransomware, you won’t be able to use the infected computer or device. It will serve a pop-up message whenever you attempt to log in to the OS. And unlike legitimate pop-ups, you won’t be able to close it.

Screen Locker vs Encryption Ransomware: What’s the Difference?

Another common type of ransomware is encryption. Like screen locker ransomware, encryption ransomware is designed to restrict login or file access in an effort to extort the victim into paying a ransom. The difference between screen locker ransomware and encryption ransomware lies in their method of operation.

Screen locker ransomware uses non-encrypting malware to lock the infected computer or device, whereas encryption ransomware uses encryption to lock the infected computer or device. With encryption ransomware, the data stored on your computer or device is scrambled using an encryption algorithm. The data is technically still present, but you won’t be able to read or access it.

Cleaning Up a Screen Locker Ransomware Infection

Because screen locker ransomware doesn’t use encryption, it’s typically easier to remove than its encryption counterpart. Depending on the type of screen locker ransomware, you may be able to remove it by booting your computer or device in safe mode, followed by running anti-virus software.

Whether you’re facing a screen locker ransomware or encryption ransomware infection, though, you shouldn’t resort to paying the ransom. Even if the pop-up message says you’ll regain access to your computer or device after making a payment, there’s no guarantee this will happen. On the contrary, many business owners who pay the ransom never regain access to their computer or device.