On Monday, October 26th, Forbes published an article titled Cyber Attacks: 5 Ways Small Businesses Can Protect Themselves. The magnitude of the problem is immense, as they point out with the numbers from a US Small Business Committee survey earlier in the year which concluded that, “71 percent of cyber-attacks occur at businesses with fewer than 100 employees.”
While the steps suggested are generally informative, what do they actually mean and what does it really take to start and maintain an effective cyber security posture? Joe Caruso, founder and CEO/CTO of Global Digital Forensics (GDF), a premier national provider of cyber security solutions headquartered in New York City, breaks down the most crucial steps like this:
First step, judging the cyber threat landscape
“One-size-fits-all solutions may be great for many things, but cyber security is absolutely not one of them, because different industries typically face different threats,” says Caruso. “A manufacturing company, for instance, is probably a lot more worried about keeping designs, secret manufacturing techniques and other intellectual property (IP) safe and secure. A restaurant should probably be a lot more concerned about securing their POS (Point of Sale) systems to make sure they are keeping their customers’ credit card information from falling into the wrong hands. Financial industry businesses, on the other hand, have the entire gauntlet of threats to face, from brute-force cyber smash-and-grabs and spear phishing campaigns, to distributed denial of service (DoS) attacks which are launched to incapacitate their websites and make accounts unavailable to their clients, and everything in between. Healthcare, schools and retailers have their own ghosts to face as well. But one thing you can be sure of, if you have cyber “gold” of any kind to mine, there are always attackers with their noses pressed up against the glass just licking their chops for an opportunity to capitalize on any exploitable hole they can find. Our cyber threat assessments are designed to look at the big cyber security picture, from understanding and mapping the entire digital infrastructure and how the data flow interacts with business functions, to determining which threat vectors are likely to be the most problematic and prioritize them accordingly. We also thoroughly review cyber security policies and procedures already in place to identify weaknesses and help clients remediate them, or we help create them if none exist.”
Step two, penetration testing
“The importance of comprehensive penetration testing cannot be overstated. Even though we can always show clients mountains of statistics and pull out countless headline stories about successful cyber attacks and the long-term financial ramifications victimized organizations have endured, it still won’t sink in. But run a successful penetration test and eyes will open. It’s the cyber equivalent of a live-fire exercise and just like in the military version,” says Caruso, “it stresses every system with attacks that simulate real-world incidents to identify weaknesses. When we launch one of our realistic phishing or spear phishing campaigns, for instance, and get seventy, eighty or ninety percent of the company’s employees to divulge their credentials, everyone from the employees and managers, to executives and owners gets the message loud and clear. Because if it was a real attacker, they would have had complete access to the entire network to do anything they want. And we pull out all the stops with tradecraft honed by two decades of experience. We’ll set up dummy websites which look like the real thing to entice our targets, we’ll employ a variety of social engineering techniques to bypass air gaps on segmented systems and deliver payloads using things like USB sticks, we’ll leverage WiFi and Bluetooth connections from smartphones and tablets which have exploded onto the scene, and a whole host of other proven methods and techniques we have in our arsenal to infiltrate the client’s unique digital architecture. And when you can show someone how they were just victimized and how to avoid it in the future, the lessons stay with them for a very long time. That alone is a huge step towards the ultimate goal of effective cyber security.”
Surviving a cyber emergency is all in the response
“The reality is that playing offense on the cyber battleground is a lot easier than playing defense,” says Caruso. “Internal IT security personnel have a million holes to plug, but an attacker only needs to find one to exploit. That’s why GDF has a network of experienced cyber emergency incident responders available 24/7 that are strategically positioned across the country, and the globe. Our responders can be onsite in hours, not days, to identify, isolate, secure and investigate security breaches. We have also developed specialized tools to immediately begin the process remotely in many cases as soon as we receive your call. Not only will taking the right approach to handling a cyber emergency help you contain the actual damage from the attack and the inevitable aftermath, but it will also go a long way towards calming nervous clients, vendors and investors, as well as satisfying many regulatory compliance headaches.”
The dangerous sink or swim world of cyber intrusions, data breaches and other cyber attacks is fluid and constantly evolving. Trusted cyber security professionals like Global Digital Forensics can go a long way towards keeping you afloat. So don’t wait to take control, or you may just become another grim statistic.
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience. For a free consultation with a GDF security specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit our cyber security page.