2022-07-01 00:00:00

Securitybreak-in|cyber|hacked|ransomware|rule

The one and only cybersecurity rule for small businesses

If you haven't been hacked yet, sooner or later you will be. This uncomfortable realization has been stuck in my head ever since I read Nicole Perlroth's book This Is How They Tell Me the World Ends: The Cyberweapons Arms Race. The book describes the global trade of the most wanted computer vulnerabilities, known as zero-days, that enable both criminals and national intelligence officers to break into computers almost when and where they want. What can an individual or a small and mid-size business do to protect themselves?

The ugly truth is that you can do something, but some day someone will break into your computer network or mobile devices. A recent survey by a cybersecurity firm asked about ransomware incidents in mid-size organizations across the world, and discovered that 66% of them had been ransomware victims in 2021. If the high percentage of successful attacks feels disturbing, another recent study is even more disturbing: 85% of organizations admitted they had experienced an IT related break-in during 2021.

Law enforcement is after the criminals, but cybercrime has become a massive new industry with organized groups that may operate like enterprises. A recent global field operation by Interpol depicts the scale of the cybercrime problem: 2000 arrests in 1770 locations around the world with 4000 bank accounts frozen in a single operation.

The one cybersecurity rule that sets the scene is:
Assume you have been hacked.

It is the starting point. When our small business started working from this point backwards towards the ideal level of cyber security, it was easy to see how carefree we were. During the process, we changed many practices especially with mobile devices, but we also realized what was the most valuable asset. Our data. It had to be managed more carefully, ensuring that no matter what happens we have access to it.

In addition to the Nicole Perlroth's book, good sources of inspiration are the Five Laws of Cybersecurity and Krebs's Three Basic Rules for Online Safety.

Both of these rule sets have succeeded in nailing a few key points that every small business owner and individual can understand and implement for personal computing or business environment. Cyber security in large scale is complex, very technical, and often outsourced to dedicated professionals, but the following rules are something that everyone can follow.

Five laws of cybersecurity:

  • Treat everything like it’s vulnerable.
  • Assume people won’t follow the rules.
  • If you don’t need something, get rid of it.
  • Document everything and audit regularly.
  • Plan for failure.

If anything describes these five laws in a single thought, it is the traditional Murphy's Law: "Whatever can go wrong will go wrong". As the statistics from recent studies indicate, it really is the case with cyber security at the moment. Of course, these five laws are not the only ones. For instance, Nick Espinosa's Tedx talk introduces excellent points that make you pause and think seriously about security.

Krebs’s Three Basic Rules for Online Safety:

  • If you didn’t go looking for it, don’t install it!
  • If you installed it, update it.
  • If you no longer need it, remove it.

These three basic rules are excellent advice for every computer and phone user. Especially, if someone you don't know wants you to do something on your computer or phone.

Sure, the simple strategy I have presented here is a pessimistic view on the world of computer security, but the point is this: it is eyeopening to build a scenario where your small business network or personal computing system has been hijacked or completely shutdown by adversaries. How do you recover?

News

2025-01-21 18:01:00

Well, they are capitals of European countries that have been awarded an extra honor for 2025 by the #EU Commission. These capital awards are annual, so here are the cities selected to represent the best city in each category in 2025. #Europehttps://klaava.com/sure-states-have-capitals-but-in-europe-there-are-also-culture-smart-and-green-capitals/


News

2025-01-15 08:59:00

Not to mention travel – when real life experiences in a destination don’t match the expectations and everything that can go wrong, goes wrong. Well, that’s the beauty of #travel. #Europehttps://klaava.com/nitpickers-travel-journal-travel-lessons-learned-in-2024/


News

2025-01-11 13:25:00

A conclusion from the Traffic Scorecard 2024 results is it takes about double the time to drive along the streets of London (the most congested city in #Europe) than the streets of Munich, which is ranked the 21st most congested European city. #traffic #travelhttps://klaava.com/the-cities-in-europe-where-people-are-stuck-in-traffic-most-often/


A shop dedicated to tasty juice

2025-01-09 14:04:10

arihak

A shop dedicated to tasty juice


in the busy old town center.

2025-01-08 16:16:08

in the busy old town center.


News

2025-01-07 14:56:00

A reminder for keeping your data safe when traveling. Why? It is likely that you have to access your most critical data in risky situations on the road.https://cybernews.com/privacy/how-to-protect-your-sensitive-information-while-traveling/


News

2025-01-02 16:33:00

What about the scenery, you who are hurrying to the other side?#streetphotography#streetphoto


News

2025-01-01 16:06:00

According to a survey, third of travelers are victims of online booking scams. Since it is so convenient to make travel reservations online, that’s what we do. The problem is that we haven’t adopted new methods to avoid online scams. #travel #scamhttps://klaava.com/a-traveler-is-more-likely-to-get-scammed-when-booking-a-trip-than-being-robbed-in-a-destination/


Perhaps road builders had too much time?

2024-12-29 15:19:44

Perhaps road builders had too much time?


News

2024-12-27 18:25:00

#Photography is full of so-called “rules” that can feel overwhelming. However, some of these “rules” are downright myths.https://www.diyphotography.net/debunking-seven-common-myths-photographers-still-believe-in/


What should I read next?

2024-12-25 15:18:22

arihak

What should I read next?


News

2024-12-23 11:34:00

Since #EU #DMA has specified #Apple as a #gatekeeper in #mobile devices, EU considers Apple should implement several iOS connectivity features, predominantly used for and by connected devices. For instance, notifications, automatic Wi-Fi connection, AirPlay, AirDrop, or Bluetooth audio switching.https://digital-markets-act.ec.europa.eu/commission-seeks-feedback-measures-apple-should-take-ensure-interoperability-under-digital-markets-2024-12-19_en


News

2024-12-21 14:51:00

Smartphone users in the US are not impressed with the latest artificial intelligence features on their devices with 73 percent of Apple users and 87 percent of Samsung users unsatisfied, according to a new study. #phone #AIhttps://petapixel.com/2024/12/19/majority-of-smartphone-users-are-unimpressed-with-ai-features-study-finds/


There should be enough ice already to open the hotel

2024-12-20 16:40:17

There should be enough ice already to open the hotel


Hiking on a mountain experience: the end of an ancient tunnel

2024-12-09 14:12:31

arihak

Hiking on a mountain experience: the end of an ancient tunnel


on a hot summer day

2024-12-02 18:47:01

on a hot summer day


Cloudy day in a valley

2024-11-25 16:31:59

arihak

Cloudy day in a valley


In the shade of a lone palm tree

2024-11-25 15:46:29

In the shade of a lone palm tree


an abandoned town?

2024-11-07 18:35:22

an abandoned town?


A quiet moment between heavy rain

2024-10-24 17:34:45

A quiet moment between heavy rain