Long before the first reported cases of coronavirus, small businesses said that security was their number-one priority. This concern isn’t surprising. Nearly 50 percent of all cyber attacks are aimed at small businesses. That’s more than the data breaches faced by public entities, financial institutions, and healthcare organizations combined.
If you’re like a lot of small businesses, you may be operating with a small—or nonexistent—IT staff, so effective cybersecurity can seem out of reach. But with an increase in the number of remote workers accessing your business network with a host of personal devices, effective cybersecurity is more important than ever.
New targets for hackers
Cybersecurity experts like those from the Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. have seen an increase in cases of hackers preying on remote workers. Cisco Talos Intelligence Group, one of the largest commercial threat intelligence teams in the world, confirms that cyber security incidents are up across the board. And, they note, small businesses are among those most frequently targeted. Talos also calls out the thousands of new websites focused on coronavirus that have appeared since the start of the year, many spreading misinformation, and new malware and phishing campaigns using COVID-themed lures.
For example, some online resources about the virus have proven to house malware that gathers visitors’ passwords, usernames, and credit card information. (In this case, the infected site mirrors legitimate data about the coronavirus compiled by Johns Hopkins University.)
At the same time, Talos reports that some of the tools and technologies that are helping remote workers stay connected may also put users at risk. Cyber criminals are taking advantage of the rising demand for video conferencing, with malicious users joining random calls and sharing inappropriate content. In another example, forty-two million users of a third-party version of the popular Telegram messaging app had their information exposed. (Note: Talos defends Cisco customers against known and emerging threats, discovers new vulnerabilities, and interdicts cyber threats before they cause further harm.)
Respond with the basics, then grow
The right combination of firewalls, endpoint security, and cloud security forms a strong foundation, even when employees are working from home. Make sure you apply the latest software patches and security configurations. Ensure your employees are cyber aware, relying on strong passwords and dual-factor authentication whenever possible. Also encourage caution with emails from unknown senders that contain attachments or embedded links.
To help small business like yours get technology to enhance security, Cisco is providing extended free licenses for four key security technologies designed to protect remote workers:
- Cisco Umbrella protects users from malicious Internet destinations whether they are on or off the network.
- Duo Security verifies users’ identities and establishes device trust before granting access to applications.
- Cisco AnyConnect Secure Mobility Client empowers employees to work from anywhere on company laptops or personal mobile devices.
- Cisco Advanced Malware Protection (AMP) for Endpoints prevents breaches and blocks malware at the point of entry.
(If you’d like to try Cisco Webex for video conferencing, online meetings, and more, free 90-day licenses are now available.)
We’re in the midst of a challenge unlike anything we’ve experienced before, and often, community can help. Visit Cisco’s small business community to join the conversation. Then, please share your experiences with me in the comments. I’d love to hear what you’re doing to keep your business running.