It’s all over the news lately – large companies getting hit with ransomware, or reporting on massive security breaches affecting millions of people: Yahoo, Gmail, Verizon, Equifax, and most recently Deloitte. Company records stolen with the private information of their customers and employees to be bought and sold by cybercriminals on the black market. With this degree of success, experts agree cyberattacks will continue to be a rising threat into the foreseeable future.
It’s Not Just a “Big Company” Problem
What’s more alarming, but underreported on the front pages and in your newsfeed, is that cyberattacks on small and medium-sized businesses (SMBs) are prevalent – and costly. According to a newly-released study by the Ponemon Institute*, 61% of SMBs experienced a cyberattack in the past 12 months, up from 55% the previous year.
More alarming is the total cost of these breaches. Although actual ransom costs aren’t high, on average just over $2,000, it’s the collateral damage, loss of IT assets, and downtime that are straining SMBs. These costs total up to well over $2 million on average, which can have a devastating impact on the health of any organization.
Bypassing Technology and Finding the Weak Spot
Cybersecurity defenses have evolved and improved over time. Manufacturers of firewalls and anti-malware continue to adapt their products to the ever-changing threat landscape. These and other technologies, like a robust back-up and disaster recovery solution, continue to be a necessary part of any multi-layered cyberdefense system.
Unfortunately, criminals are adapting as well, rising to the challenge and resorting to the modern-day version of the con game: social engineering and phishing.
The dictionary defines social engineering as “the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.”
Phishing is one of the most prevalent tools they use - approaching their victims through e-mail, posing as bank or other trusted institution to steal information or to have them click a link to launch a ransomware attack.
The Solution – Training
When polled, SMB respondents that had suffered a data breach in the past year reported that the number one root cause of the breach was a negligent employee or contractor. They just didn’t know that the link they clicked was malicious, or that the request to transfer thousands of dollars to support a business deal really wasn’t an e-mail from the boss.
In response to these concerns, GRIT Technologies is pleased to provide a way to turn well-meaning employees from the weakest link to a human firewall. Our comprehensive Cybersecurity Awareness Program, is a fully-customizable, online training campaign we’ll design based on your needs and administer on your behalf.
Throughout this program, your employees will learn through engaging, interactive modules to recognize all the deceptive methods criminals use to break into your network to hold your data hostage, steal sensitive information, or empty your bank accounts. Their training will be tested over time with simulated e-mail phishing attacks to challenge and reinforce their detection skills.
Your employees are the last line of defense in the protection of your business. Criminals are targeting them, finding new and clever ways to steal what you and your team have worked so hard to build. Don’t leave them exposed, unarmed and unaware. They need to be trained and on-alert with the security mindset they’ll receive through our training process. Call us today to get started!
* 2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB), Ponemon Institute LLC, September 2017.