For some business owners, they may be reluctant to invest in cyber-security protection. They may have even received bad advice from an IT guy who has a fatalistic view that if someone really wants to break into your IT system, they can and will. The key is making it as difficult as possible for cyber-criminals to get into your IT systems. Here is an analogy that corrects the false assumption.
Think of a car thief breaking in and stealing contents or the entire vehicle.
In the first scenario, some people leave valuable items on the front seat and leave the door unlocked. The “prize” is visible and enticing. The robbery is fast and there are no protections so the risk is low for the criminal. “Poof” the valuables are gone. (The unlocked cars are the companies with little or no cybersecurity protection. The cyber-criminals can see they are an easy target and can see exactly what data they can extract with little to no risk. They are the lowest hanging fruit.)
Now think of the car thief who is walking down the street trying door handles. When the door handle is locked, they move right on by. They are looking for the unlocked door. It doesn’t matter what they find, it is so easy to simply take what they find. (The car with the door locked represents companies who are making minimal efforts to secure their IT systems. They will deter basic hacking attempts in hopes the hacker will move on to an easier victim.)
Then think about a car thief who intends to steal a car. Not only do they look for the right circumstances (dark, isolated, no witnesses, no visible car alarms or theft deterrent devices) and they bring tools to help them break in. A little harder to get into the car but the criminal is much more purposeful and resourceful. For your business, you need to have an equally if not more purposeful IT protection plan using managed firewalls, unified threat management tools and best in class cyber protection tools.
Lastly, remember the movie “Gone In 60 Seconds”? They were an organized criminal organization stealing cars. They had a list of cars they needed to steal. They had organized teams and strategic planning. They even a specific target… Elenor. They were very targeted and determined. The analogy is your business represents a rich target for cyber-criminals and therefore needs more extensive protections as offered by a more sophisticated MSP or MSSP (Managed Security Service Provider).
Most cyber-criminals are simply looking for the low hanging fruit. Don’t know where to start to protect your IT system? Check your cybersecurity insurance policy errors and omissions or look toward the CIS Controls or NIST Cybersecurity Framework to guide you for creating a secure IT environment.
If you are stuck, or you just don’t know where to start, please give us a call at 951-319-4080. We will help uncover what you need to know about your IT system and recommend the appropriate steps to get your business data protected before a cyber-criminal attacks.