When we start talking to our clients about IT security, we often hear: “I have an antivirus; I don’t need a firewall right?”
Wrong! An antivirus is useful to identify a threat and quarantine it but it does not prevent viruses and other malware to reach your employee’s devices. A firewall is a gatekeeper for your network and all the devices connected to it. It allows you to proactively block cyber-attacks, spyware, viruses and malicious apps.
“Yeah ok, but I am an SME, who would want to attack me? Isn’t this valid for large multinationals?”
SMEs typically spend less time and money on network security than larger firms. That means they’re easy targets for cyber-criminals.
Hiscox’s Cyber Readiness Report 2019 states that “while larger firms are still the most likely to suffer a cyber-attack, the proportion of small firms (less than 50 employees) reporting one or more incidents is up from 33% to 47%. For medium sized firms with between 50 and 249 employees the proportion has leapt from 36% to 63%.”
These crimes don’t always make headlines like those that hit huge entities, but they’re far more pervasive. An attack on a SME costs $ 8,700 in average and 60% of small businesses hit by a cyber-attack go out of business within 6 months of the attack. There is no safety in being small when it comes to online threats!
3 steps to step up your IT security
Now, if you’re convinced that you need to improve your IT security, we’ve listed a simple, 3-step approach to help you out.
Step 1: Invest in a firewall
The first step is to upgrade to the protection of a next-generation firewall (NGFW) or unified threat management (UTM) device that combines all of today’s necessary defenses in a single easy-to-manage and cost-effective appliance.
Step 2: Break the Kill Chain
Today’s sophisticated security devices have controls to catch different parts of an attack, but attackers can still find ways to evade defenses. Defense-in-depth fills the gaps by breaking the attacker’s kill chain.
The theory behind the kill chain is that the more layers (or links) of defense you create to prevent different types of attacks, the more you maximize your protection. Each link represents part of an attacker’s methodology, but also represents an opportunity for you to implement a defense.
Step 3: Identify the threats
Small businesses are breached every day, but a third of them admit to being uncertain about whether or not they were attacked. It can take up to an average of 80 days for businesses to notice they’ve been breached. By that time, the damage is already done. These breaches are being missed because we’re drowning in an ocean of data.
Since you can never have perfect defense, the third critical step in your security strategy is to implement discovery-and-response tools to help you see and handle the incidents that get past your gates. You need a tool that brings the data from all your security controls together and correlates different security triggers into a single incident so you don’t miss signs of a sophisticated, multi-vector attack.
How can goCloud help you to implement these steps?
At goCloud, our go-to solution is WatchGuard.
WatchGuard has pioneered cutting-edge cyber security technology and offers enterprise-class defense that’s designed specifically to meet the unique needs of SMBs.
Need some help to figure it all out? Have a look at goCloud’s IT security solutions.