Some small and medium-sized businesses (SMBs) believe their size is an advantage when it comes to security, because cybercriminals are out for a big score and will target larger companies. As a result, some SMBs are more lax with their protection, which is dangerous since hackers attack all types of firms, regardless of stature.
One of the most important safeguards for any SMB is password security, but many organizations neglect this type of protection or their policies are not followed by employees. Joe Siegrist, CEO and co-founder of an identity management provider, indicated that policies are often ignored by staff members unless these protocols are forced on them, Dark Reading reported.
Siegrist noted that many SMBs are unaware of how weak some of their employees' passwords are, putting them in a precarious position. As a result, firms should have a centralized system for managing worker passwords.
"The scary thing is that most people don't know any better, so if you don't have any tools or procedures in place, you just have no shot of getting to a safe place," Siegrist said, Dark Reading reported.
A password manager is a great tool for SMBs looking to shore up their password security. These solutions generate complicated phrases using advanced algorithms, making it difficult for hackers to bypass those safeguards. Also, employees no longer have to worry about remembering complex passwords, since these tools handle this task.
According to Siegrist, SMBs should always remind employees to avoid using the same passwords, Dark Reading reported.
"You can set policies to perfectly customize how safe you want your employees to be, and know that they are doing it," Siegrist suggested, according to the news source.
This is another reason why a password manager is so effective, because it always generates new passwords so cybercriminals cannot monitor common patterns.
Cyberattacks becoming more common for majority of firms
The need for effective cybersecurity has reached a significant level, as organizations of all kinds are frequently the targets of malicious hackers. The Ponemon Institute surveyed nearly 3,530 security and IT professionals and found that all respondents said their firms have experienced at least one security breach in the past two years. Of those polled, more than half said the rate and severity of these incidents have both grown during this time.
Since SMBs lack the resources found in larger firms, responding to attacks is even more difficult. The survey found that once a business realizes it has been breached, it takes an average of 80 days to identify the main cause of the incident. What is even more troubling is the fact that organizations need an additional 123 days to fix the vulnerability.
Security breaches involve either malicious or non-malicious attacks. The Ponemon Institute said that the former involves corporate applications and user accounts, costing firms an average of $840,000 per incident. The latter negatively influences a company's brand reputation, value and image, resulting in an average loss of $470,000.
Larry Ponemon, chairman and founder of the Ponemon Institute, asserted that businesses clearly lack the proper resources and staffing to effectively protect their infrastructures from hackers.
"Meanwhile, months are passing as their key information assets are left exposed. The results demonstrate a clear need for greater and faster visibility - as well as a need to know the root cause of the breaches themselves - in order to close this persistent window of exposure," Ponemon said.
Companies of all sizes may not have the ability to control the malicious intent of cybercriminals, but they can at least govern certain aspects of their security defenses, including their passwords.
One of the most important safeguards for any SMB is password security, but many organizations neglect this type of protection or their policies are not followed by employees. Joe Siegrist, CEO and co-founder of an identity management provider, indicated that policies are often ignored by staff members unless these protocols are forced on them, Dark Reading reported.
Siegrist noted that many SMBs are unaware of how weak some of their employees' passwords are, putting them in a precarious position. As a result, firms should have a centralized system for managing worker passwords.
"The scary thing is that most people don't know any better, so if you don't have any tools or procedures in place, you just have no shot of getting to a safe place," Siegrist said, Dark Reading reported.
A password manager is a great tool for SMBs looking to shore up their password security. These solutions generate complicated phrases using advanced algorithms, making it difficult for hackers to bypass those safeguards. Also, employees no longer have to worry about remembering complex passwords, since these tools handle this task.
According to Siegrist, SMBs should always remind employees to avoid using the same passwords, Dark Reading reported.
"You can set policies to perfectly customize how safe you want your employees to be, and know that they are doing it," Siegrist suggested, according to the news source.
This is another reason why a password manager is so effective, because it always generates new passwords so cybercriminals cannot monitor common patterns.
Cyberattacks becoming more common for majority of firms
Since SMBs lack the resources found in larger firms, responding to attacks is even more difficult. The survey found that once a business realizes it has been breached, it takes an average of 80 days to identify the main cause of the incident. What is even more troubling is the fact that organizations need an additional 123 days to fix the vulnerability.
Security breaches involve either malicious or non-malicious attacks. The Ponemon Institute said that the former involves corporate applications and user accounts, costing firms an average of $840,000 per incident. The latter negatively influences a company's brand reputation, value and image, resulting in an average loss of $470,000.
Larry Ponemon, chairman and founder of the Ponemon Institute, asserted that businesses clearly lack the proper resources and staffing to effectively protect their infrastructures from hackers.
"Meanwhile, months are passing as their key information assets are left exposed. The results demonstrate a clear need for greater and faster visibility - as well as a need to know the root cause of the breaches themselves - in order to close this persistent window of exposure," Ponemon said.
Companies of all sizes may not have the ability to control the malicious intent of cybercriminals, but they can at least govern certain aspects of their security defenses, including their passwords.
No comments:
Post a Comment