Cyber-crime has dominated the headlines over the last couple of years. Major data breaches at healthcare organizations have been heavily reported. A reason for this is HIPAA.
Under HIPAA, healthcare organizations are required to report all data breaches. But the threat extends to all industries and the US government:
- Anthem: 80 million records stolen.
- Premera Blue Cross: 11 million customers affected.
- Excellus Healthcare: 10 million clients exposed.
- Sony: Financial and health information for thousands of employees stolen.
- Target: Data breach affected roughly 40 million customers.
- US Office of Personnel Management (OPM): 21.5 million victims.
- US Internal Revenue Service (IRS): 700,000 social security numbers and other sensitive data stolen.
SMBs are at the highest risk of cyber-crime.
While it is large organizations that most frequently make the headlines, the primary targets of cyber criminals are small and mid-sized businesses (SMBs). In fact, Symantec found that 60% of attacks are directed at SMBs. One good reason for this is that these organizations lack the security resources and knowledge of larger enterprises. But their data is just as valuable.
Where are today’s cyber security threats coming from?
Threats are coming at us from all directions, so it is important to understand what can be done to address these risks before they occur. Over the next few weeks we will take a deeper dive into each of the following 5 areas so that you can be better prepared:
Ransomware is real
Ransomware is an attack on your computer systems that looks to lock down data and applications so that you can no longer access them. Hard drives are encrypted and this can extend to an entire network of systems and servers. Recently, the Hollywood Presbyterian Medical Center in Los Angeles was held hostage. Their systems were offline for over a week until they finally relented and paid $17,000 to the extortionists.
A recent study found that ransomware costs businesses $325 million per year. However, it is impossible to know exactly how much ransomware costs US businesses each year. That is partly because some businesses pay the ransom to avoid the embarrassment of reporting the crime. This strategy is risky because those that pay can become repeat targets for easy money.
SaaS and Cloud Security
Many SMB organizations have adopted some form of public cloud service. Solutions that fall into this category include Dropbox, Salesforce, Amazon, Google Docs, and Basecamp project management, to name a few. Some of these solutions, particularly file sharing applications like Dropbox, now house a large amount of private, corporate information.
The threat here tends to be more from internal resources. If enterprise editions are not adopted by your organization, you may have no control over your data when employees leave your company. Back in 2012, game developer Zynga sued a former executive over “the theft of some of its most sensitive and commercially valuable data.” That data was stored in Dropbox.
Building Zero Trust Networks.
Most of our networks were built on a concept of trust and verify. We accessed the network from devices that were trusted and verified our identities by logging in. Once we were granted access, we had access to multiple levels of data and systems without the need to re-verify or run multiple checks.
Now that applications and data are run outside of the firewall and users access them from multiple devices, the trust and verify security method is no longer enough. In today’s world, you have to begin with the assumption that you do not trust anyone.
Security tool integration and consolidation.
In some upcoming blog posts, we'll explore the use, misuse, and lack of use of security tools. Organizations tend to add new security tools to address specific threats. The challenge is that as we add additional systems and tools to our network, the amount of effort to implement and manage them also increases exponentially. Many of those security tools also lack integration with each other, which can leave holes in your protection.
Gaining the full value out of an SIEM implementation.
We have found that many organizations that have deployed a security information and event management (SIEM) system have not fully implemented the solution. SIEM systems are complicated, and once they are implemented, the event logs are often referenced after an issue has already been discovered. That is because they generate more information than a single person can keep up with. Keep an eye out for another upcoming blog article where we look at reducing the complexity of SIEM management.
It is time to address security threats head on
Every organization, large and small, is a target for cyber-crime. It is time to take these risks seriously and develop a strategic plan for protecting your business.
Join us over the next several weeks as we look at ways that you can avoid becoming another business cyber-crime statistic.