Friday, December 4, 2020

The Enemy at the Gate


The Enemy at the Gate

As an MSP (Managed Service Provider)  who has been supporting small to mid-sized businesses for over 30 years, one thing I can tell you is that the mindset of "we are too small to be the target of a cyber-attack" is far more widespread than one might think.

Some might accuse me of exaggerating, or spreading FUD (Fear, Uncertainty & Doubt) like so much manure on the garden of business.. But in all fairness, I would say that I am understating the gravity of this phenomena.  The data doesn't lie. A recent Accenture/Ponemon study (PDF) shows that 68% of business leaders feel their cybersecurity risks are increasing, and Verizon found that 43% of breach victims were classified as small businesses.

Now, back to my initial postulation that SMB's seem to have a tendency to underestimate their risk.  How I know this to be true is that I find in many cases when doing cybersecurity assessments of prospective new clients, the most often overlooked facet of their cybersecurity maturity score is the firewall.  If there is one element of a businesses defense system that should not be ignored, it's network infrastructure, especially the firewall.

The simple fact is - an outdated firewall not only is likely to be laced with unpatched vulnerabilities, it also is not equipped to handle the threats todays cybercriminals bring to the party. Proper lifecycle management of perimeter security devices is about 5 years.  By that point, the technology has changed to meet the current level of threat to a point where simple subscription based services can no longer keep up.

Case in point - over 70% of all Internet traffic is secured by SSL encryption. The familiar HTTPS preceding the web URL tells you that the connection between you and that web server is secure.  But is it really? Many firewalls can not inspect SSL traffic, and so it passes directly to your browser, with all the potential vulnerabilities intact.  In fact, many of the bad actors who are perpetrating cyberattacks on all levels of business are working in that same "secure" space because they KNOW, most firewalls are either incapable of ferreting them out, or are not properly configured to do so because of the performance hit that results from deep packet inspection of SSL traffic.  It takes serious horsepower to un-encrypt, scan, and re-assemble SSL traffic.

More concerning to me on these visits is when I see big-box store level wireless routers often found on sale for under $100 and touted as a "firewall" being used in a business setting. Or even worse, just using the modem provided by the broadband provider du jour. Let me help you with this - for free - it's not good! No bueno, sehr schlect, call it what you will, but don't call it a business class firewall.  These devices do not have the intrusion prevention mechanisms, country of origin, BotNet, or malicious content filtering capabilities needed in today's cyberthreat landscape.

Yes, I see you out there with the sheepish grin.. While I might call you out for neglecting your businesses security, I don't blame you. Running a business is expensive, and you were probably given advice by someone, or read a review online, or have fallen victim to an IT support provider that really does not understand cybersecurity..  and so, I won't judge.  I would rather educate business owners on the harsh reality of why they need to work with a professional security focused MSP to ensure that the most critical component in their cyberdefense arsenal is right-sized for their current and mid-term needs.

The average payout for a ransomware intrusion on a typical business network is up to $111,605 ( April 2020 study) and as a small business owner myself, the last thing I want to be doing is footing that kind of bill.  While you may recover from the problem, what is often missed in this calculation is the lost customer confidence that can further erode your bottom line over time.  Having the right firewall is the best first step a small business can take to defend against this type of intrusion, and a small price to pay in comparison to the risk.

With the average time to detect an intrusion ranging from 90 - 180 days, sometimes more, having a strong barrier to intrusion is the best first step you can take other than educating your workforce on how to recognize common threats. (Cybersecurity awareness training should be both mandatory and ongoing, and directed from the top down). The amount of downtime that occurs when a malicious intrusion happens can be staggering. To a a small business, this can often result in becoming the straw that breaks the camels back.  

Investing in the right firewall can mean the difference between long term success and failure. If you have not had a cybersecurity assessment performed in a couple years, partner with a reputable MSP or MSSP (Managed Security Service Provider).  They should be able to sit down with you, determine your organizational cybersecurity maturity level and make the right recommendations to help you safeguard your business.  If you are in the Western Massachusetts, Northern Connecticut area, contact us by web, or call us at (413) 786-9675.

Stay tuned for our next look at securing your business with our upcoming blog on endpoint protection.