Synack, a company that checks to see how vulnerable companies are to hacking, sees companies getting better at taking care of these issues.
“What we’re seeing right now is that a lot of the industries, such as financial services and federal government and health care are really starting to take cybersecurity seriously,” said Mark Kuhr, CTO & Co-Founder of Synack. “They are investing heavily in solutions that allow them to provide continuous security protection. They’re recognizing that the adversary is ever present and ever increasing their skill set.”
Small businesses best defense against hacking is to get lost in the crowd and not make themselves a target.
“What I always tell small businesses is that you need to use managed service providers that have the security baked in,” said Kuhr. “There’s no reason to run your own email servers, for example. Get a large provider, Office 365 or Google to run that for you. In addition, you want to reduce the amount of your attack surface.”
In other words, only expose what must be exposed to the Internet and practice common sense when dealing with anything that comes in from the internet. If you aren’t expecting it, don’t open it.
“It comes down to email,” said Kuhr. “You do a lot of work online in email and these phishing attacks, where an adversary is sending you a malicious email message to exploit on to your network. I think about small businesses like dentist’s shops, where you’ve got lots of personal information being processed in the office and lots of emails flying around. You need to use managed services for that, so you’re not storing anything locally in your network.”
For more information on how Synack can test your systems to be sure they’re up to snuff, go to synack.com.