Cybercrime Rises up to 600%: Protecting Your Business Against the Cybercriminal

Companies have been using computing devices and the internet to save money by increasing productivity for many years. Throughout my process, I have found that this problem stems directly from the passivity based on the freedoms that this same technology has provided. What I am finding when dealing with business owners and executive teams is, that they all “Just want everything to work” without considering that their idea of “working” should not be the goal. They say “Simplicity and seamless integration” is what they say they want. But what I am finding when asking about their desire for additional protection has unearthed truths and underlying issues.

What I repeatedly hear potential customers saying is that they do not see the true value of NOT being compromised. This is almost always because they have not planned for the inevitable nature of cybercrime, which is the complete disruption of your business process. Cybercriminals show the world that they can take what you have built, and either ransom it back to you or sell the information to those who would use it against you.

The ideals of “making life easier” or “saving money,” which is most often applied to buying technology, do not apply to cybersecurity systems. There needs to be a complete paradigm shift within businesses, their owners, and executive teams. These leadership groups need to not only plan their success outcomes but make the continuity and protection of all digital assets their top business priority from now on.

Creating a good cybersecurity posture is paramount. Protection is the goal.

I have seen many business owners and leaders personally act as if their stature or position’s proclivity should preclude their participation in best practices of cybersecurity. Specifically, their function should come first and that their daily process should not be interrupted by such simple aspects of their business. Business leaders simply do not want to have to interact with what they deem as trivial concerns. It is treated in the same way that they must “deal with” pop-up advertising on a website.

When cybercrime comes knocking, though, it often is a harsh dose of reality. I have seen this firsthand, and far too many times to count. For years I have been touting the mantra of “whatever you tolerate, you endorse.” But I am also one to say that “you don’t know what you don’t know.” It is often easier to hide behind that ideology, rather than admitting that business leaders have allowed contented passivity to creep into their business practices.

Passivity is being exploited by cybercriminals en masse. Contrary to widespread belief, it is not computers that they are directly attacking. It is the business that you built. They want the details of your business that you access, store, and backup. This is often done by using the exact technology that you bought to make business and everyday life easier.

What I see is that most companies do not protect themselves with the cybersecurity training that their employees need. This, coupled with the lack of education against cyberattacks, causes holes to appear within cybersecurity infrastructures. Business continuity, incident response, mitigation, remediation, and disaster recovery planning are an afterthought for most business executives. Most companies reveal that they only made local network backups of their data on a per machine basis and believe that standard anti-virus software will protect them. As we can see in the most recent case of FireEye and Solarwinds, anti-virus software is not a complete solution.

The challenge that IT professionals struggle with the MOST is business owners and their highest-level staff not regarding cybersecurity as completely essential to business operation. These individuals want their work lives to be easily accessible and without interruption. This is understandable for your average employee, but leaders must confront the complexities of their entire business. This means giving the proper time and attention to such business-critical operations, like cybersecurity. The lack of effort given to this topic in leadership is often quite alarming. At the Interlink Group, we are looking to change that.

In a world where companies are breached every 3 seconds and where 60% of all small businesses go bankrupt (FBI), this lack of interest in cybersecurity is a trend that must change.

• According to the Ponemon Institute, the average cost for an SMB (Small and Medium Business) to clean up after a business has been breached is $690,000 and over $1M for mid-sized businesses
• 34% of businesses hit with malware took a week or more to regain access to their data (PurpleSec)
• Over 50% of organizations face public scrutiny after a breach (Cisco)
• 22% of breached organizations lost customers, and 40% lost more than 20% of their customer base (Cisco)
• 29% of organizations lost revenue, with 38% losing more than 1/5th (Cisco)
• 24% of all website traffic are malicious bots (Imperva 2020 Annual Bad Bot Report)
• 27% of employee introduced cloud apps were at high-risk (Cisco)
• Spam accounts for 45.3% of the total email traffic worldwide. (2020 Trustwave Secure Email Gateway)
• 58% of breaches caused by internal incidents or with a business partner’s organization (Forrester Research)

The complexity and effectiveness of cyber-attacks have grown considerably over the last few years. As more businesses digitally transform, hackers and their malware have even more targets and points of entry to choose from than ever before.

We have included six different layers of Incident Management and Response in our strategy to combat these threats. Infrastructure, Identity and Access, Endpoints, Network, Perimeter, & Cloud. This strategy from the Interlink Group is tailored to secure your business and push the importance of proper cybersecurity initiatives.