While the so-called SolarWinds data breach was originally characterized by some as an “act of war,” that’s probably unfair. It’s better classified as an act of espionage or intelligence gathering operation—by an adversary. In other words, there could be more—and even worse—still to come.

The potential ramifications, both near and long term, are enough to keep leading cybersecurity executives up at night—especially since many SMBs (and the MSPs that serve them) are still inadequately prepared to respond from cybersecurity and business perspectives. That needs to change, according to a panel of executives during a cybersecurity panel powered by the CompTIA ISAO at CompTIA’s Communities & Councils Forum.

Whatever it is that’s happening… Why does that affect SMBs?

The world is changing, but most businesses are not. As simple as that.

Most businesses always viewed the IT part as an expense, and that they can get away with paying as little as possible for the lowest level of service that can allow them to keep their operation running. This approach was not too bad back when a computer was used for spreadsheets.

Now, however, a computer (as well as a phone and camera and even the thermostat) is a node on a network. And this is what changes everything.  We are now operating nodes on a network!

Your phone is not your phone anymore. It is an integral part of a network and is connected to everyone who decides to join that network. Good and bad people are on that network, business oportunities as well as dangerous criminals. Every crime that can happen in the real world can happen in the virtual world. Since a German hospital lost a patient when they lost their operating systems to a ransomware it has become official; one can lose everything including their life due to “computer problems”.

There are 29 million small businesses in the U.S., many of whom don’t understand how vulnerable their company is to a cyber event, nor how to respond, according to Jay Ryerse, ISAO EAC vice president of cybersecurity initiatives at ConnectWise and member of the Executive Advisory Council of the CompTIA ISAO.

When bad things happen, because they will, what is your plan? 

What are you doing to protect your organization from credential harvesting? (do your employees know what that is?). 

Today, every organization using even a laptop need to get their employees trained roperly, they need to develop preventative policies and recovery policies as well as business continuity plans. The very survival of the organization depends on its computers, don’t let hackers control them!

General recommendations

We recommend the following security precautions for a better protection of your network and a better chance at recovering in the event of an attack:

• Train everyone and train them well!
• Have your policies set and well-thought. Keep updating them, train to use them. Make “fire drills” to be sure everyone knows what to do.
• get your infrastructure setup properly to use the right Intrusion Detection System, endpoint protection, backup, etc…
• Get insurance!
• Ask a Cyber Security agency, or professional. Someone you trust. Someone that does not have you in their sales scope.
• Train everyone and train them well! Oh did we say that? It’s okay, do it twice. It is that important indeed.

Don’t hesitate to call us for a question or three, we always provide free advice for everyone!