A Cybersecurity Definition is very lengthy to define
Why? Because it’s so complicated, and that’s an understatement. It is an epic topic covering most topics mankind deals with, in the twenty-first-century world in which we live.
If you want one-click access to the definition, without reading this post, (click here) and you’ll go to Wikipedia where you can read their thoughts on the subject.
Having experienced this for myself, I can say the Wikipedia article on cybersecurity is thorough, answering all the questions I had, answering question’s I didn’t even know existed.
The Cybersecurity Definition is that big
The Wikipedia definition is so big that you just keep scrolling down the page. I thought my ears were going to pop. It seemed like it might not end, except I knew it eventually would end by the position of the scroll bar on the right-hand side of my monitor. Wow! What a long in-depth definition and explanation.
But then why not?
The topic of cybersecurity truly is that big. Or as Wikipedia states, “Due to its (cyber security) complexity, both in terms of politics and technology, it is also one of the major challenges of the contemporary world.” Major challenges of the contemporary world?! Serious? Yes, I think so.
Cybersecurity and small businesses (SMB)
Spoiler alert! For all of you critical thinking cybersecurity experts out there, this article you’re reading right now is not intended for you. It’s written for the owners and managers of small businesses (SMB’s) who are not cybersecurity experts.
If you are an expert in this field of cybersecurity you may want to stop reading right now because you’ll find this article to simplistic. You’re welcome to stick around, but I know you’ll have your own opinion about everything we state here. You may even have good reasons to say so.
As an IT Services provider, dealing with hundreds of SMB for many, many years, we’re writing for them. Not cybersecurity experts. Just saying.
All that said let's begin . . .
“Cybersecurity!? Geez. As if I didn’t have enough on my plate around here.”
Our potential new customer rolled her eyes as we chatted about her computer network and the changes she wanted to make in her business. It was our second meeting with her.
Our first meeting was to perform the network evaluation she asked us to do. And now, at this second meeting, we submitted our written network proposal to her.
Her comment was one of many others she would have as we chatted about the issues we had found on the computers running her small business in Portland, Oregon.
No network is perfect
There is always something you can do to make them better, faster, more organized and user-friendly. But for the most part, her small network was in pretty good condition.
However, we told her the router she was using was not up to business standards.
In fact, the router her business was using, had been designed for home use. It was not a corporate grade router. Or as we like to say, especially when it comes to security, “You need an industrial strength router. The one your using is a good router, manufactured by a very good company, but it was designed for home use. It was never designed or intended for business use. You should upgrade it.”
As we discussed the findings of our evaluation, I could tell she was not prepared to chat about security.
Most SMB owners fall into this category. Many of them have the opinion of, “I’m too small. No one is going to try and hack the computers here at this small business.”
You have no idea how wrong that “I’m too small . . .” opinion is
Cybersecurity must begin with the realization by the owners of SMB’s that hackers are specifically targeting SMB’s because they are small! Smaller businesses typically don’t invest the money needed for the technical expertise, hardware, or staffing to properly defend themselves against the hackers trying to attack them.
Target, Facebook et al, have millions of dollars to spend on cybersecurity and yet those major corporations are successfully hacked. Why we think it will be different for small SMB’s is exactly what the hackers want you to think, which is, “I’m too small.”
NOTHING could be further from the truth
You’re targeted because you are small. So let’s begin here. Mr. or Mrs. SMB owner.
You are vulnerable and you need to get woke
Here’s your wake-up call . . . you and/or your employees will cause most of your security problems.
According to the Ponemon Institute (via CSR), 54% of SMBs reported that the “root cause” of their data breaches were traced back to “negligent” employees and contractors.
Cybersecurity training for employees and processes to audit vendors are serious obstacles for SMBs
We see this time and again. It’s a people problem too. I know, news-flash and a real shocker.
Most SMBs are behind in their thinking and strategy because this type of cybercrime is relatively new and not much is generally known about it by the public.
Business owners by and large invest very little money on the proper hardware protection for their business.
Hardware is only one potential problem
Nothing, nada, zip, zero, level of cybersecurity technology, hardware, and software investment is going to help you when all it takes is one wrong click, by a trusted hard-working employee, to trigger a cyber breach. We all make mistakes because we’re all human. Good employees make them too. I know from personal experience.
Cybersecurity training for employees
The following is my story. Do as I say, not as I do.
I consider myself to be a trusted and good hard-working employee here at DTS InfoTech. But one day I received a notification in my email from Amazon and USPS (United States Postal Service) letting me know that there was a problem with the book I had ordered from Amazon.
I am a hopeless and addicted book worm, a true bibliophile. So a problem with a book delivery that I was anxiously waiting for immediately got my attention and wide-eyed concern. My first thought was, “Oh no, I won’t have the book before we leave on our getaway weekend.”
I even planned ahead
Especially with books.
To make sure I had the book for our weekend, I ordered it in plenty of time. I have to have books to read when I relax.
Just reading the words in the email about “a problem with your recent order from Amazon” raised my blood pressure. Instantly, I was emotionally hooked. I clicked on the link for more information. Immediately my monitor screen went entirely red and said, “You’ve been hacked. We have your banking information. In order to resolve this problem send us . . .”
I was furious and embarrassed at the same time. I didn’t know what to do
My eyes got as big as saucers. I called my boss, Dan, the owner of DTS InfoTech, to ask for help. He immediately remoted into my system and resolved the problem. He explained to me what I had done wrong, emphasizing his irritation with me by saying, “Wally, you’re employed by a technology company! You’re not supposed to do things like this!”
I apologized and then defended myself by showing him the logos of Amazon and the USPS. Sheepishly I said, “It sure looks like those companies to me.” And he said, “You can’t go by that. You have to hover over the URL with your mouse pointer to verify that in fact, the address is a legitimate Amazon address.”
Then he showed how the Amazon name was misspelled. I missed it. How did he do that? He just hovered my mouse pointer over the word Amazon. It was misspelled and read Amazun. But I didn’t see this until he pointed it out to me.
The email was NOT from Amazon. I felt my face flush red with embarrassment
The email was from the bad guys . . .
But it looked authentic because it was an exact copy and paste of their logos.
It appealed to my emotions and hooked me.
You have to slow down. I was busy, definitely not vigilant and definitely not taking my time.
Along with the logos, it looked like it was from Amazon so I clicked it.
This was the exact behavior the bad guys wanted out of me and they got it!
But I am fortunate. I have really good technicians that are just a phone call away and the problem was resolved before I had to pay any money.
How many times do you think that story could be repeated?
The answer is too many times. Way too many times.
We’ve seen this story play out in our best customers. Repeatedly. Or, as I like to say, “I’m not the only one who gets fooled on this stuff!”
Again, we’ve seen this happen at our very best customers. Companies that are very successful. They have very smart, dedicated and educated, hard-working employees that make similar types of mistakes.
So they call us for help and we’re able to resolve their issue before it costs them any money
One of our customers has been targeted so many times that we’ve used our experience with them to improve our cybersecurity training. They are expanding the training we offer their employees by having them tested online, without prior notice, using a service we provide.
It’s not meant to catch them or get the employee in trouble. The training is meant to keep them alert, keep them on their toes and protect the company against increasingly sophisticated attacks of cybercriminals.
Unfortunately, we think this part of our business is only going to grow
So what’s a person to do in light of these very threats? How do we protect ourselves and our businesses? Educate yourself! Begin right here at DTS InfoTech.
Over the years we have written numerous articles on the subject of cybersecurity. You could just start by reading them and familiarizing yourself with the topic. We’ve listed them here in no particular order.
Education is one of the best forms of preventing a cyber-attack. With better training, victims are less likely to leave doors open and fall for the simple attacks. What do we mean by simple attacks? Click this link: The Complete Cyber Security Guide Part 1
What you need to know to keep you company running: The Complete Cyber Security Guide Part 2
Simply stated, cybersecurity is technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage or unauthorized access: Essential Cybersecurity Toolkit Part 1
Before you get started on building a cybersecurity toolkit for your business, let’s take a few minutes and talk about the terms you’ll need to understand. These terms are very much a part of the cybersecurity landscape and you should know them: Essential Cybersecurity Toolkit Part 2
According to a recent Security and Exchange Commission (SEC) report, small businesses (SMB) are the “principal target” of cyber-attacks. Use this checklist to be sure your critical business data is protected: Cybersecurity Checklist
Essential cybersecurity? Here’s one thing the cybersecurity world can agree on: there is no single product available today that will solve all of your cybersecurity problems: Essential CyberSecurity Solutions for SMBS
Inbox scams. To the recipient, an email in their Inbox appears to come from a business partner asking the reader to “open the attachment” by clicking on the attached document: How to Spot a Cyber Scam
DTS InfoTech Can Help
DTS InfoTech is very good at training your employees on how to prevent cybersecurity attacks. Even when employees make mistakes (like I did) DTS InfoTech has your back; you will not lose data and you will not have to pay for a Ransomware attack. Let us show you how!
Most small businesses do not have the technical resources to understand all this geek stuff. If this describes you, we can help.
If you would like more information please give us a call, we’re always happy to chat and the call is free!
Dedicated to your success,
dts|infotech . . . secure computer networks that work