Ransomware has been capturing quite a few headlines in the recent months. In case you missed it, hackers threatened to release the data of 90,000 Canadian citizens at the end of May. According to CBC, hackers targeted two banks and demanded $1 million dollars in a cryptocurrency called Ripple in exchange for the release of the data. It’s unclear whether or not this demand was met.
In the U.S., the city of Atlanta has been on a long road to recovery from an attack that occurred three months ago. The attack was caused by a group who commonly uses SamSam ransomware, and they look for targets with weak security measures but high incentives to get their data back. The hackers demanded $50,000 to give the city back access to their systems, and the city refused. While refusing to pay the ransom is always smarter, it appears as though the city didn’t have enough initial security and backup in place to recover smoothly from this attack. Atlanta may spend about $9.5 million to recover and rebuild damaged or destroyed systems.
As an MSSP, you know better than anyone else that the best defense against ransomware is a preemptive offense. Your clients need to have best in class security solutions in place before attacks happen so they can avoid the heavy costs that these incidents can burden them with. While bigger attacks, like the aforementioned, are creating more awareness around these attacks, it’s still vital to keep the conversation going with the businesses you work with each day.
To help kickstart those conversations, we’ve put together a cybersecurity checklist tailored to SMBs.
- Conduct a security risk assessment. Understand potential security threats (e.g., downtime from ransomware) and the impact they may have on your business (lost revenue). Use this information to shape a security strategy that meets your specific needs.
- Train your employees. Because cybersecurity threats are constantly evolving, an ongoing semi-annual training plan should be implemented for all employees. This should include examples of threats, as well as instruction on security best practices (e.g., lock laptops when away from your desk). Hold employees accountable.
- Protect your network and devices. Implement a password policy that requires strong password and multi-factor authentication anywhere it is supported. Deploy firewall, VPN and antivirus technologies to ensure your network and endpoints are not vulnerable to attacks. Ongoing network monitoring should also be considered essential. Encrypt hard drives.
It’s likely that potential clients will take a look at this list, and areas where they need support from an MSSP will be calling out to them. For the entire toolkit designed to educate SMBs,
Bonus: You can download the entire “Cybersecurity Toolkit for SMBs” here.