By Alysia Horn
Over the past few years, hackers have increasingly targeted middle-market companies. Larger companies have been beefing up their cybersecurity defenses to avoid becoming the latest cyber breach headline, and they have more resources to ensure they stay secure. The result has been attackers moving down the food chain.
This is especially true because many medium-sized businesses serve as vendors, contractors and partners of larger companies, and as such may have access to the internal systems, networks and data of their larger counterparts. Therefore, they tend to be viewed as a means to an end – an entry point into a larger, more lucrative target.
The majority – 86 percent – of middle-market firms say cybersecurity is important for their business, according to a survey released by the National Center for the Middle Market (NCMM). Additionally, 82 percent of middle-market companies say data security is one of their biggest concerns, according to CIT’s Voice of the Middle Market 2016 report. Yet shockingly, only 45 percent have an up-to-date cyber risk strategy, per NCMM.
It’s time for middle-market companies to scrap the “it won’t happen to me” mentality. In today’s environment, the likelihood of a cyber attack on your company only continues to grow. Cybersecurity should be about protecting your business’s data and managing attacks proactively so they don’t become major crises.
So, what can middle-market firms do to ramp up their cybersecurity? Here are my top suggestions:
Read the contractual requirements
When working as or with a vendor or contractor, it’s critical that you understand what’s being asked of you, not just from a performance standpoint, but in terms of your cybersecurity. It’s common these days for vendor and partner contracts, especially in industries like finance or health care that deal with sensitive data, to include stipulations specific to data security measures and technology. And yet, all too often, those requirements are overlooked or misunderstood.
If your partner has established contractual requirements, it’s imperative that you read and understand them. Share them with your IT personnel to ensure your firm can meet what’s being asked of you. Work together to develop a program around the contractual security needs and constantly monitor the status.
Implement proper security controls
Because hackers are looking for companies with weak cybersecurity controls, often as a way to reach a larger target, it’s important that middle-market companies meet or exceed the security controls from their larger partners, even if not explicitly stated in the contract.
One key tool to have in your cybersecurity tool belt is an intrusion detection system (IDS) or an intrusion prevention system (IPS), both of which have become standard security measures. IDS and IPS are enterprise products that inspect network traffic and evaluate it against patterns or signatures of known suspicious activity. An IDS alerts on anything that is or could be malicious or anomalous; an IPS sits inline and can also block that traffic.
Even with an IPS or IDS in place, it’s also important to have a dedicated team responsible for monitoring network activity. Proactive monitoring lets you see who is generating traffic, when, and from where, and provides the details needed to fix performance problems. Further, your cybersecurity team can identify emerging threats before they turn into incidents.
Conduct a security posture assessment
With the number of cyber attacks directed at middle-market companies continuing to grow, it’s smart to regularly assess your risks.
For companies that haven’t conducted a penetration test yet, I typically suggest they start with a security posture assessment. This comprehensive analysis, typically done by a cybersecurity firm like Asylas, gives a high-level view of every facet of an organization’s cybersecurity posture. The end result is a thorough assessment of the areas that are working well, where the vulnerabilities are and the risks they pose, what should be improved immediately and other steps to take over time.
Cyber breaches can be shattering for the middle market. Don’t wait for a devastating event before you start making changes to improve your cybersecurity.
Alysia Horn is operations manager at Asylas, a security, privacy and risk consulting firm based in Nashville, TN. With nearly 10 years in the computer forensics and InfoSec industry, Alysia’s experience ranges from internal fraud and HR investigations to information security monitoring and incident response. You can reach her at firstname.lastname@example.org.