There’s a decent chance your IT team is woefully lacking in the skills needed to protect your organization from the growing cyber security threats. New research reveals organizations are understaffed with employees lacking in skills to protect networks.
According to new research
- 54% of organizations surveyed do not have cyber security skill levels appropriate for organizations of their size
- 57% of organizations surveyed do not have enough security operations for organizations of their size.
This cyber threat skills shortage directly affects an organizations ability to detect, prevent, and respond to security incidents.
The professionals surveyed highlighted these particular weaknesses stemming from the skills and staffing shortages.
- Hunting for Security Threats IT: Staffers are often too busy responding to incidents to be proactively looking for security threats. And if they do have the time to look for threats, many have not taken the time to grow the advanced skills necessary to spot the increasingly sophisticated attacks.
- Prioritizing Security Alerts: The increasing number of tools that can alert security professionals about incidents has created a lot of noise. Many IT staffers don’t have the skills to assess and prioritize the growing number of alerts.
- Securing the Root Cause of the Incident: Security team members often respond to security events by putting out the obvious fires. Again, because of a shortage of staffers, and increasing demands, the security team can forget to take the vital step of discovering the cause of the incident, and working to prevent it from happening again.
- Thoroughly Tracking Security Incidents: Many organizations lack documented processes to track security incidents from discover, to investigation to remediation.
The Network Team has worked with dozens of small and medium sized businesses with similar concerns. You’re not in the cyber security business. Your IT department should be focusing on ways to further your business goals with technology. TNT has a staff of highly trained and certified engineers, backed by world-class cyber security tools and solutions. Let us take the stress off of your employees, and handle your security.
Hackers are now angling to get you to do their dirty work for them. Security researchers have discovered a new kind of malware offering victims a ‘nasty’ way to unlock their files. Instead of paying a ransom with bitcoin, victims need only send the ransomware to another unsuspecting victim. If two or more others are infected by your personalized link, the hackers will release your encrypted files.
This new malware, called Popcorn Time, may also delete the victim’s files if you enter an incorrect decryption code too many times. Malware Hunter Team found the new tactic, which is still in development, and hasn’t been released yet. But security experts are keeping their eyes on it.
Ransomware is becoming the number one malware used by hackers who’ve already encrypted information from small businesses to major health care organizations.
Protect your information from hackers and ransomware
- First and foremost, regular backups of your most important files could help take some of the ‘bite’ out of a potential attack. With regular, offsite backups, you could be less at the mercy of the hackers.
- We cannot say this enough: education, education, education. Train your employees about the latest tactics used by hackers, and encourage them to never open an attachment or click on a link that looks suspicious – even if it appears to come from someone inside your organization. Cyber criminals are getting increasingly sophisticated, and better at spoofing email addresses.
- Patch your operating system, anti-virus, browsers, etc. and keep them all up to date.
- Consider setting up additional firewall protection to enhance security.
The Network Team has solutions and training to help with all of these. Reach out today to find out how we can help protect you.
Another day, another major hack discovered that affected millions of people. Uber was hacked in 2016, exposing personal information from 57 million people, and the company did not reveal the hack until November 2017. The hackers got names, email addresses and phone numbers of Uber users. Hackers also got driver's license numbers for 600,000 of those victims.
As hacking attacks become more commonplace, it can be easy for them to fade into white noise. Instead, they need to open our eyes to the growing risk from hackers.
As the ransomware epidemic continues to spread, ask yourself how vulnerable your business is to cyber-extortion. A vulnerability assessment is a good first step to strengthening your defenses.
Six questions to ask in assessing your ransomware vulnerability.
- Are you training users on the dangers of phishing?
2. Do you back up your business data regularly?
3. Do you have anti-phishing email security?
4. Have you deployed endpoint security with specific ransomware protection?
5. Are your mobile devices secure?
6. Do you have a patch management policy?
If your answer to any of the above is no, you have a problem. If you want to avoid a ransomware attack, start working on turning those no's into yesses.
TNT offers classes to train users on ransomware and security related issues. Contact us today to learn more.
No story convinces like a personal one. As president of The Network Team, I knew that my leadership was contingent on practicing what I preach and what I ask our team to preach. Here is our story of our cloud migration. Since the story isn’t done, it represents a great, real time dialog and I want to connect with some of the fears that nearly everyone has when they think about giving up control. This is a case study that isn’t finished.
TNT is a sub-20 employee IT Services Provider. We sell other people’s boxes and software, and we do a lot of work to optimize and customize the offering for each of our customers. We operate as a virtual, non-brick-and-mortar (NBAM) company and our motto is, “work is a thing you do, not a place you go.”
TOOLS WE USE:
We created technology for internal use that allowed us to efficiently operate. We had Citrix for application delivery of all our killer business applications. We had a Microsoft Exchange Server, setup to synchronize with all our IP phones and tablet devices, so email was portable. We used a pure Cisco Unified Communications Platform (the same one we sell and maintain for our customers) and we had a backup appliance that kept our data safe. We had a firewall, a voice router, a couple of switches, a couple of servers (all running Microsoft Products, of course), a Storage Area Network, and a LOT of programs, most of them used once in a blue moon.
COST BEFORE CLOUD MIGRATION:
- We purchased our equipment at a huge discount, and we kept our boxes up and running always by paying ~$1000 a month to a data center provider in Charlotte, NC.
- We used approximately $500 a month in backup and disaster recovery services.
- We paid $300 a month for telecom services for our voice technology, in addition to $600 a month for cell phone services for our team.
- We spent $35,000 on a custom piece of software that integrated quoting, project management, time and billing and reporting, and it ran on a Citrix platform that everyone accessed. Although the software was free for us as partners, it required approximately 3-man weeks to build it and debug it, and it still requires a few man days a year to maintain.
- Occasionally, we purchased maintenance contracts for our equipment, but typically avoided this until we HAD to. We used spare boxes in the event of failures. The total cost of these contracts amounts to $1000 a year.
- We had a cloud CRM system to creating and tracking our sales and marketing efforts, and this product was a rental service that cost us $5000 a year. It also required about 2 weeks a year (this is a guess) of our marketing director’s time to learn to use and debug issues as they came up. It was proprietary and didn’t integrate with our other tools.
- Finally, we have a subscription to a service that keeps our SharePoint file structure available, pain free, as a shared drive, and that costs $720 a year.
THE JOURNEY of our Cloud migration
The first technology we dumped in our cloud migration was email. We moved all our mailboxes and associated services (archiving, backup, spam filtering, et al), to Office 365. The monthly cost for us, as a Microsoft Partner? $0.
The second item we dumped was our internal time tracking system. Although we had no real ongoing costs with the product after the initial outlay, it required multiple man weeks a year of effort to maintain. In addition, it wasn’t consistent in operating as it was designed. Since it was proprietary code, there was no support package that we could buy to help us when things broke. We replaced it with ConnectWise. ConnectWise was and is most attractive to us, in that it integrated with all of the other tools that we have come to know. ConnectWise costs us $500 a month for all our user fees, and I imagine that will go up, incrementally, as more users are added to the system and our company grows. That said, there is no server or data center to maintain, no backup to message, no upgrades to perform.
We moved the two remaining applications that we require (Quickbooks for Accounting and Quotewerks for quoting) into the Microsoft Azure Cloud. Although these are still software packages that we buy (less than $1000 a year for both), the hardware and operating systems that they run on are now someone else’s problem. We run both on one server that we can expand as needed, and we back it up, in real time, inside of Azure. This saves us the $500 a month in backup services, as well as removing any time required for TNT engineers to abandon work at a customer’s location to maintain our network. As a partner, we get Azure credits to offset our usage. Last month, the bill was $27 for the server and all the apps running on it. I anticipate that number will stay steady at less than $50 a month for the foreseeable future.
ConnectWise will also double as our CRM platform and our primary marketing platform. The incremental cost of this is $50 per month. This cuts the $5000 a year number down to zero. Our monthly ConnectWise bill will go up by $50, though.
We can also decrease the size of our data center, as now we will only be hosting our Cisco Powered voice network that we use internally and resell to our customers. The currently best quote we have is $414 a month, and we will probably take that.
We will keep our SIP trunk provider and their $300 a month number, as we are still under contract with them. They have historically provided us with good service…even though our main number is down, even as I type this.
We will migrate all our file services to the cloud.
Our hard costs will go from $26,820 a year to $25, 768 as part of this cloud migration. That is only a $1000 difference (~3%) However, our soft cost in terms of time spent on internal tools goes from $21,800 a year to $2,600 a year. When I combine the total “before” cost of $48,620 a year to the after cost of $28,368 a year, the picture justification becomes more palatable.
We remain at the mercy of the public Internet in either model, as do our customers. We also have the one-time cost associated with the migration and the internal loss of time that each employee will experience as they learn the modern technologies. That said, we encourage our customers to consider a cloud migration, so it is only logical that we demand it and expect it of ourselves in the process.
I will be using these savings to pay employees addition compensation (they have earned it!) and grow the business.