Best Practices in Cyber Security for Small to Medium Sized (SMB) Businesses
by Gary S. Miliefsky, CISSP®, FMDHS
Today, like never before, we face a constant barrage of spear phishing attacks and new forms of very creative and nasty malware such as Remote Access Trojans (RATs), ransomware and zero-day malware (meaning your antivirus doesn't yet have a signature for it), not to mention the risks of malicious insiders and infected laptops coming and going behind our firewalls. In addition, many SMBs face increased scrutiny by government regulators. Cyber-crime is growing at a tremendous rate. It has become an organized, big business opportunity for criminals, projected to grow to $600B this year, larger than any other form of crime according to the World Bank.
You might ask: why would my smaller business be a target? We're not Bank of America, we're not Home Depot or TJMAXX or Anthem. Yes, they are all big targets for big hackers, but cyber criminals don't discriminate. In fact, they find SMBs easier targets because, traditionally, your level of defenses against cyber-crime might not be as advanced as those at Bank of America, which has a $400M annual information security budget. To the cyber criminals in the dark corners of the internet, you're called a 'soft' target; they feel you are easier to exploit.
One piece of ransomware and you might be out of business. Some of the latest ransomware exploits will not only encrypt your laptop or desktop but will also look for file servers and do the same, automatically. Then you won't have any access to your own files, or even worse, your customer records, until you pay the ransom. The FBI even recommends you pay the extortion fee. I find this all wrong. It's completely backwards. We cannot let ourselves be victims. It's time to get more proactive and be one step ahead of the next attack. You are a target, but you don't have to be a victim.
It all starts with best practices. For example, if you did frequent daily backups and tested these backups, then when you've been victimized by ransomware, instead of paying the extortion fee, why not wipe the infected computer, re-image it, then restore the latest backup? When asked, most SMBs say "I don't do frequent, daily backups" or "I haven't figured out how to wipe and re-image all of our systems in the event they get infected". So it's that simple: one best practice, Backup and Restore, would save you thousands of dollars in extortion fees. You could thumb your nose at the cyber criminals instead of giving them some of your hard-earned revenues.
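As an added example (not from the article or its author), here is a minimal version of that practice in POSIX shell: a daily backup job that archives a directory, stores a checksum manifest beside the archive, and then proves the backup restores cleanly by extracting it into a scratch directory and comparing every file against the manifest. All paths and the sample files in the demo are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): a daily backup job that proves the backup
# can actually be restored before anyone has to rely on it.
# Assumptions: POSIX sh, tar, sha256sum (or shasum), mktemp; all paths are hypothetical.

# macOS ships shasum rather than sha256sum; same output format
if ! command -v sha256sum >/dev/null 2>&1; then sha256sum() { shasum -a 256 "$@"; }; fi

# manifest DIR: sha256 of every regular file under DIR, relative paths, stable order
manifest() {
    ( cd "$1" && find . -type f | LC_ALL=C sort | while read -r f; do sha256sum "$f"; done )
}

# make_backup SRC DEST: archive SRC into DEST/backup-<timestamp>.tar.gz,
# store the manifest beside it, and print the archive path
make_backup() {
    src="$1"; dest="$2"
    mkdir -p "$dest"
    archive="$dest/backup-$(date +%Y%m%d-%H%M%S)-$$.tar.gz"
    tar -czf "$archive" -C "$src" .
    manifest "$src" > "$archive.sha256"
    echo "$archive"
}

# verify_backup ARCHIVE: the "tested backup" step. Restore into a scratch directory
# and compare every restored file against the stored manifest.
# Exit status 0 = restore matches the original data, 1 = corrupt or incomplete.
verify_backup() {
    archive="$1"
    scratch=$(mktemp -d)
    status=1
    if tar -xzf "$archive" -C "$scratch" 2>/dev/null &&
       manifest "$scratch" | cmp -s - "$archive.sha256"; then
        status=0
    fi
    rm -rf "$scratch"
    return "$status"
}

# demo: constructed sample data standing in for a small file server share
demo() {
    work=$(mktemp -d)
    mkdir -p "$work/data/customers"
    echo "acme corp, net 30" > "$work/data/customers/acme.txt"
    echo "invoice 1001" > "$work/data/invoice.txt"
    a=$(make_backup "$work/data" "$work/backups")
    if verify_backup "$a"; then echo "backup verified: $a"; else echo "backup FAILED: $a"; fi
    rm -rf "$work"
}
demo
```

Since the article notes that ransomware also hunts for file servers, the backup destination should not be writable from the machines being backed up, or the backup gets encrypted along with everything else.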
Best practices are things you do - steps you take - actions and plans. Within those plans, I'm certain you will include which security countermeasures to budget for this year. Although I thought about going into details about recent security concepts, such as next generation endpoint security or network access control, it seems more appropriate to focus on the best practices instead of the best security tools you might consider deploying. For example, I consider encryption a best practice and not a product or tool. I'm sure you'll find many
12 Cyber Warnings E-Magazine – April 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide