2020 has been nothing short of unpredictable. For the first time in recent history, people’s New Years’ resolutions were halted due to the Covid-19 shutdown. At least for people who hadn’t given up a week into the year.
One thing we can all take away from the past 6 months is that what we were accustomed to in the past may not carry into the future. For example, masks. At one point in time mask-wearing was reserved for Halloween and masquerade parties. Now you can’t enter certain stores or attractions if you aren’t wearing one.
Another area that is going to take some more time to revert to pre-COVID-19, is working from the office. While in most parts of the country businesses have been allowed to resume normal operations, most companies are taking a methodical approach and easing themselves back. In the short term, working from home is a steady fixture in the business landscape. This means if you’ve been avoiding addressing your security lapses, and plugging your weak areas, time may be running out. Waiting much longer could result in a serious security breach.
Israeli researchers discovered vulnerabilities in many IoT devices from routers to “Smart home” products such as light bulbs. Dubbed Ripple 20, the potential number of devices at risk is alarming. With so many potential threats around you, ask yourself are you at risk? Are you employees at risk? As Covid-19 has taught us, no one has gone unaffected. The shutdown, and changes to the way we work reached everyone.
You can draw parallels between the Covid-19 quarantine and today’s threat landscape. Anyone who uses a laptop, desktop, mobile device and uses email and the internet is potentially at risk. Some are more at risk than others.
If everyone using a connected device is at risk, what can be done to lower the risk?
There are several steps that can be taken to reduce your exposure and ensure you are up and running quickly.
The great news with these steps is that they can be applied with your employees working in the office or working from home. The security of remote employees has proven especially challenging Security Awareness Training According to a report published by Cisco, 92.4% of malicious software is delivered by email. Scammers have used email to deliver fake invoices, and fleece companies of hundreds of millions of dollars. Yet, email remains the communication tool of choice for most businesses. Email has replaced verbal communication, and that has no chance of changing any time soon.
96% of phishing attempts come by way of email.
With email being so prevalent in business communication, it is not surprising that scammers and malicious actors would try and use it for their purposes. Spam filtering can help, but despite the best filters, some emails still seem to make it through. The emails that make it past your spam filtering are the ones you need to worry about. They look legitimate and appear to have originated with the actual sender. But did they?
Hackers borrow many techniques from legitimate marketers. They use scarcity, sincerity, curiosity, and play off your emotions. Scammers know that if they can get someone to react, without thinking, then they will succeed. However, when your employees are trained in the proper techniques in identifying a spoofed email, your level of risk drops dramatically.
End Point Detection and Response
Sometimes referred to as End Point Detection and Response, or Managed End Point Detection and Response, EDR is the new generation or next generation of anti-virus software. EDR combines artificial intelligence with human security professionals to rapidly detect and respond to attacks. EDR can protect from zero-day threats and lateral movement across your network. In some cases, EDR can use client isolation and offer the ability to roll back clean copies of your files should a ransomware
attack prove successful.
Remediation is included in most EDR solutions. Be sure to check with your vendor to ensure that cleaning up after a ransomware or security breach doesn’t incur an additional expense. Professional security services command a steep hourly rate that rival that of a good attorney.
You can see why choosing the correct EDR solution is vital. EDR is designed to seriously limit the need for remediation. When doing your research, put the solution to the test. If you are being charge remediation at an hourly rate in exchange for a reduced cost, it is critical to know if the EDR service can prevent cyber-attacks.
Next Steps
Security Awareness Training and End Point Detection and Response are two ways to keep your business and your data protected. To maintain the proper level of security you need to utilize a layered approach. Schedule a call with our team of experts and discover if there are any gaps in your security policy and receive a free Cyber Threat Assessment. The Cyber Threat Assessment can be conducted in person or remotely, whichever you prefer.
Call Today 216-619-2000 opt. 3 or email sales@n2net.com