blog

What if your company could be hacked in 2 minutes?

The scary world of social engineering.

SIMPLE SECURITY GUIDANCE AND ARTICLES DIRECT TO YOUR MAILBOX

What you need to know to protect your business, de-geeked and accessible to everyone

Subscribe
by Mike Knapp in Business Leaders

What if your company could suffer a major security breach with in under 2 minutes? Would we have your attention?

In this short video from CNNMoney, they talk with a couple white-hat hacking firms what test your cyber-defenses.

Spoiler alert: The company fell for their staged attack.  Would yours?


This is a real risk – it’s the exact scenario that’s been going on for years with fake Microsoft and Dell support people calling to homes and businesses about computers reporting issues.

In a world with outsourced IT departments who don’t necessarily know every staff member, you can’t count on IT (or your team) knowing everyone they may talk to.

How do you reduce the risk of this kind of attack? There’s a few things you can do:

Security awareness training

Make sure your team is able to recognize a range of social engineering attacks.  The more they’re aware, the more they will question other potential threats.

Content filtering

Malicious content filtering, available through services like Cisco Umbrella and the Unified Threat Management module in newer firewalls should be considered by every business.

These systems leverage the power of community and threat feeds to block known bad sites and content before it reaches your computers.

If the attack above were real-world, the link may have been blocked by the content filter.

GREAT antivirus / anti-malware

Regular antivirus simply isn’t enough anymore.  There’s too many new threats coming out for it to keep up.  A layered antivirus / anti-malware solution is your best option.

When the user clicked the link, if it tried to install software, your defenses should catch it.

Are you confident in your defenses?

With more than 60% of SMBs having experienced a cyber-attack, it is by far the top IT risk for businesses.  How confident are you in your defenses?

Every business should have a cyber-risk assessment done by an independent 3rd party (who isn’t managing their IT).   This kind of assessment helps give a clear view.

The output should of an assessment should be a roadmap on how to improve your defenses and reduce your risk

Leave a Reply

Your email address will not be published. Required fields are marked *

SIMPLE SECURITY GUIDANCE AND ARTICLES DIRECT TO YOUR MAILBOX

What you need to know to protect your business, de-geeked and accessible to everyone

Subscribe