When you consider modern attacks, it’s pretty obvious that all businesses, whether they are small- to medium-sized businesses (SMBs) or a large Enterprise organisation, need a strong line up of cyber-defence tools, not just a barebones firewall and old-fashioned antivirus. You need to protect your customers first, and to do that, you have to build out a strong cybersecurity stack that can actually withstand the onslaught of modern malware.
For any business, it’s crucial to remember that, as needs shift, the conversation around cybersecurity services is only going to grow. That means making sure your customers have an effective cybersecurity strategy is no longer merely nice to have; it’s actually a necessary part of doing business in today’s world.
By following the recommendations in this guide, you can implement cybersecurity that will effectively protect your business, and also ensure your customers stay secure.
EMBRACE AUTOMATED THREAT DETECTION AND RESPONSE
While the term “antivirus” has been around long enough that it gets the point across to just about anyone you talk to, it really belongs in the consumer space. When you get to the business level, even if you’re still talking in terms of a small office with 10 or fewer employees, you need more. A solution that stops threats effectively and remediates systems automatically, so there is no need to waste time and resources on manual virus clean up.
Your customers need a solution that doesn’t just work to stop threats, but actually puts time back in their day.
Enter automated threat detection and response. Look for solutions that not only mention artificial intelligence (AI), and machine learning (ML), but also how they use them to automate tasks, positively impact ROI, and increase speed and efficacy. With the right technology backing its threat intelligence, a cybersecurity solution not only stops threats but actually predicts and prevents them proactively.
ADD SECURITY AT THE NETWORK LAYER
A recent report on global DNS threats found that businesses experienced an average of nine or more DNS-based attacks in the last year, which is a 34% increase over the previous year’s data.1 As a result, the report revealed:
• 63% of organisations suffered application downtime
• 45% had their websites compromised
• Just over a quarter (27%) experienced business downtime as a direct consequence
• 26% of businesses lost brand equity due to DNS attacks
• The costs associated with a DNS attack went up 49%.
1 in 5 businesses lost over $1 million per DNS attack.1
With numbers this high, you don’t even need to do the math to see how preventing DNS attacks could make all the difference to a business’ success (not to mention survival). Your customers should strongly consider investing in additional protection at the DNS layer.
EDUCATE AND TRAIN
The best security in the world can’t protect a business if its own employees unwittingly open the door to cybercriminals by clicking a phishing link. Your customers need to educate and empower their employees to become a strong first line of defence for your organisation.
The key to achieving good results with security awareness training is in its consistency and pace. Annual and even semi-annual training is unlikely to give you the results you want because phishers change their techniques and hooks from month to month. The training needs to keep up with those changes and incorporate them into simulated phishing attacks and training courses. But the results speak for themselves.
After 12 months of training, end users are 70% less likely to fall for a phishing attempt.2
BACKING UP DATA
If your customers employees are the first line of defence, then backup and disaster recovery are the last. In the event that a threat gets through and wreaks havoc on a network and endpoints (for example, ransomware successfully encrypts all your customers’ client records), a business needs to be able to restore everything from secure backups quickly and easily, so they can keep business downtime to the absolute minimum.
Some types of ransomware and other threats can locate and encrypt files on mapped, unmapped, external, and even cloud drives. Your customers should back up their data in at least three different places:
• Your main storage area (file server)
• Local disk backup
• Mirrors in a cloud business continuity service
In the event of a ransomware disaster, this set-up will give you the ability to mitigate any takeover of their data and almost immediately regain the full functionality of your critical IT systems. Be sure they test backups regularly, both for security and viability, and, develop a strong disaster recovery plan so that everyone in the organisation knows their role to help get systems back up and running.
When all of this is put together, it provides a strong security foundation. Not only will it keep your customers safe, but it can also help them develop a better-rounded offering.
To get started on the road to cyber resilience, you can learn more about Webroot® Business Endpoint Protection or take a free trial here.
1 IDC. “IDC 2019 Global DNS Threat Report.” (June 2019)
2 Webroot. “2019 Webroot Threat Report.” (February 2019)