The very first step involved in solving any problem is usually recognizing that the problem in fact exists. While this may sound obvious, it can actually present a stumbling block to the IT security of some small and medium-sized businesses. Reporting on cyber crime sometimes tends to focus only on two aspects of the computer-using world: e-commerce companies and large entities such as government agencies or huge companies with thousands of employees. Unfortunately, this tendency can skew perceptions and cause SMB owners and managers to feel that they are less likely to be targeted by hackers and other cyber criminals.
The truth is actually the reverse. News reports focus on the larger stories that sometimes involve damages that range into hundreds of millions of dollars because those very numbers make for eye-catching headlines. In the real world of business, however, cyber criminals are often drawn to targets considered ‘soft’. These targets are the smaller companies that hackers suspect lack the resources to mount a robust defense against intrusions. In many ways, therefore, small and medium-sized businesses are actually on the front lines of the battle to keep resources secure.
Steven Chabinsky, whose experience includes serving as the FBI Cyber Division's deputy assistant director, understands the challenges involved in helping small businesses clearly see their need for improved IT risk management. "Cyber crime is having enormous real consequences, which holds the potential to cripple businesses and services,” he has commented. “For those… [not] involved in IT security, it may be hard to understand why it is so difficult to secure an organization’s computer system. Theft against our networks routinely occur while the front doors to our businesses and agencies remain well-guarded, the file cabinets remain locked, and the motion detectors remain undisturbed when we leave for the night,” he explains.
The silent nature of many cyber crimes makes them all the more difficult to detect, a factor which works in favor of the hacker and against the small business since it can mean that an intrusion continues for days or even weeks. Hackers can install malware programs in a system that will allow them to remotely access the system and harvest private data for as long as the malware remains undetected.
Many SMB managers and owners are finding an innovative solution to their need for improved IT security: managed services. In this IT support model, a business contracts with an IT company to provide services such as remote assistance and continuous monitoring of networks and systems.