Question: I have a small business that nobody knows much about. Do I really need to think about cybersecurity?
Answer: We’d all like to think we’re anonymous online, but thats not the nature of the internet. Your company’s website, leaked credentials and unsafe business practices are easily observable from Athens to Zhengzhou. You need to be mindful of how these vulnerabilities can distract you from growing your business. The good news is, there are simple things you can do to become a lot safer. Learn about cybersecurity best practices and the power of periodic cyber risk assessment here.
Question: How do I speak with a cybersecurity person to learn more about protecting my company?
Answer: Its easy! Just book an appointment to speak with us or fill out a form at the Contact page. Alternatively, you can use the Chat button in the bottom corner of our website. We can help you understand solutions, define RMM, EDR and industry tools to help you defend your business, and more.
Question: What cybersecurity processes do you suggest for my company?
Answer: A great start is to get your business a professional cyber risk assessment! We’ll help you understand whats visible online about your companies vulnerabilities, what’s risky about your industry, cybersecurity best practices and whats right about your current security program. Next we’ll recommend pragmatic solutions that you might consider deploying to make it stronger. We will even make coverage recommendations and scope solutions you’ll need to shop cybersecurity insurance options. It takes as little as a half hour, and prices range from $350. Can your business afford not to know?
Question: What cyber risks does my business really have? We’re small!
Answer: Your business may have vey few cyber risks, especially if you have no online activity, do not use computers and do not operate electronically anywhere. If your business, however, doesn’t fall into this category, you are likely exposed to cyber risk like the rest of us! If you’ve never spent any time on the topic of cybersecurity best practices, a good starting point is a Standard Cyber Risk Assessment that takes as little as 30 minutes.
Question: What can my business do to put cybersecurity controls in place?
Answer: Your business should be protecting its access credentials, securing data and possibly more. The business should be learning about building a corporate culture that is concerned with cyber risks. The best thing you can do if you’re unsure where to start is to get an independent cyber risk assessment that looks at the way you use technology in your business and how you exchange information electronically. Its not necessary to get too deep in the weeds to start; something pragmatic and appropriate for your business conducted by cyber risk professionals will suffice. This will help determine what type of controls may be suited for your company, and you can go from there. We offer several solutions that met the needs of most small and medium-sized businesses.
Question: Is there sensitive information about my company on the dark web? What is the dark web??
Answer: Your business can easily be listed as vulnerable on places online that criminals frequent. If you have small misconfigurations on your website or traces of leaked email credential from a breach, your company may be profiled online. The dark web refers to sites that are not indexed and only accessible via specialized web browsers. There are thousands of dark web sites that are mostly exchanging and selling sensitive information between criminals, including stolen or leaked credit card numbers, all manner of drugs, guns, counterfeit money, stolen subscription credentials, hacked Netflix accounts and software that helps you break into other people’s computers. Buy login credentials to a $50,000 Bank of America account, counterfeit $20 bills, prepaid debit cards, or a “lifetime” Netflix premium account. People can hire hackers to attack computers or buy usernames and passwords. Its not pretty. CSO has an article about it if you’d like some deeper background information.
Question: What can I do to remove my company from the dark web??
Answer: Your business may struggle to removed permanently from being listed in this places, as there’s no real authority that can regulate the activity of nefarious criminals. There is plenty that you can do to fortify your resilience to attacks, and take yourself out of the crosshairs of these criminals. The first step is to understand what information is out there, and investigate your company’s specific vulnerabilities. We often recommend a cyber scan be performed on your business, followed by a cyber risk assessment. Both of these activities are very useful to profile where you stand, and take some simple steps to protect yourself. When criminals see status changes and are unable to epxloit outdated information, they often turn to easier targets.
Question: Does all this cost a fortune? I’m not sure I am ready for this.
Answer: The short answer is NO. While its true that many cybersecurity companies target larger companies with enormous budgets for these things, pragmatic and affordable solutions are certainly available. Also, not everything you can do costs money. Using multifactor authentication is typically embedded in most software tools you already use, and good access policies can be implemented easily. You don’t necessarily need to hire internal employees to address cyber risk, and can easily use fractional leadership to help you. Contact us if you’d like a complementary discussion about strategies to do this affordably.
Question: What should I do about creating safe passwords?
Answer: This is an area of great confusion, and its important to learn proper credential management. We recommend you read our page on Password Best Practices to get this right.
Question: If I buy cyber insurance, do I not need to worry about this topic?
Answer: The answer is not exactly. Insurance is an extremely valuable part of protecting your business from being disrupted when properly insured. However, you need to have some basics in place to be insurable, and every insured client has a role to play in the partnership with their insurer. Generally, you can insure your business against losses as remediation costs, but you need to anticipate what that looks like, and be prepared for business interruption, reputational harm and other issues that can impact you. Building proper resilience to minimize these things and keep your business thriving is the best way to go, and it makes your company more attractive to insurers which can make coverage a breeze. We can help you prepare for this, learn more here.
