3 Key Takeaways
- The biggest mistake SMEs make around data protection is doing nothing.
- Smart data backup strategies begin by identifying the assets that would prove most critical to your organization’s recovery after a cyber attack.
- Cloud-based ransomware backup solutions can empower faster movement against and recovery from cyber threats to small businesses.
Continuing our series of educational discussions with cyber risk management experts, NetDiligence® President Mark Greisiger and Gabriel Gumbs, President and Chief Product Officer of Myota, discussed ransomware backup solutions for small- and medium-sized enterprises (SMEs).
Read edited highlights from Mark and Gabriel’s conversation below, and watch the full interview above.
Don’t Make These Mistakes Around Data Protection for SMEs
Mark Greisiger (MG): When the cybersecurity lawyers and forensic experts we partner with go in after a ransomware event, they often find SMEs making a lot of mistakes, especially around backups. What mistakes do you see around ransomware backup solutions?
Gabriel Gumbs (GG): The number one mistake I see is SMEs doing nothing.
I get it. You’re a small organization. It’s difficult enough to run your business with the resources you have. Cybersecurity for SMEs can feel like a luxury, even though we know it’s a necessity.
Finding cybersecurity talent to help prepare for and recover from an attack is also difficult, which can make doing nothing easier. Choosing to hire someone to help sell what you sell or hiring someone to run a cybersecurity program can be a challenging choice.
The other mistake we see is SMEs thinking, “It’s not going to happen to us. Why would it happen to us? We’re tiny. No one even knows we exist.”
You’re wrong!
The bad guys know you exist because you operate a business. You have a website and a presence and people who might call other people. They know you generate money, and their job is to extract it from your bank accounts. Waiting for that eventuality can often lead to complete calamity, especially for SMEs.
Both the IBM-Ponemon Cost of a Data Breach Report and the Verizon Data Breach Investigator Report speak definitively—hard facts, hard figures, not conjecture—about the impact of cyber threats to small businesses and medium-sized businesses. Getting hit with ransomware is likely to put you out of business, full stop.
The Cloud and Data Backup Strategies for SMEs
MG: At NetDiligence, we bring experts like yourself forward to educate our customers and let them know solutions are out there for bringing risk down to an acceptable level. I’m a huge proponent of secure backup solutions in the cloud. What are some best practices and data backup strategies an SME can start with when looking at cloud backups?
GG: Start by identifying the assets within your organization that you need to keep the doors open. Critically assess what your business operations would need to recover.
Ransomware backup solutions are only part of the issue. It’s all about recovery. The first thing you want to understand is, “What do you need to have when all else fails?” When it comes to ransomware, all else will fail.
The cloud allows SMEs to move much faster. SMEs may not have the human resources to be able to understand the complexities involved with protecting their data from end to end, replicating it across multiple availability zones and maybe multiple providers and geographic locations, encrypting it, managing the encryption keys, making sure the encrypted data itself can’t be re-encrypted—because encryption alone only solves for one problem, whether or not you can read the data; it doesn’t address whether or not I can keep you from reading the data, which is how ransomware works.
SMEs can offload that knowledge to a SaaS [Software as a Service] platform like Myota that performs those activities.
The platform ensures the data is geographically replicated. It ensures data is not just encrypted but also protected from re-encryption. It ensures the integrity of the data is always intact. It is not just immutable, but cheeky attackers can’t bypass its immutability.
The cloud allows SMEs to move faster and outsource or transfer the risk that comes with attempting to do these things yourself.
MG: I’m a huge believer in SMEs outsourcing as much as possible. NetDiligence is itself an SME, and I try to hand things over to experts like yourself—to watch my endpoints, to watch this, to watch that. Who has the bandwidth to be doing this every day with the volume of threats coming our way?
Learn more about the data security and ransomware prevention solution Myota offers. Myota replaces costly, duplicative backups and complex security solutions, reducing spend and ensuring that while your business won’t break, your budget won’t either.
Learn more about NetDiligence solutions for the rapidly changing cyber risk landscape. If you have questions for Mark about this conversation or related issues, from advanced ransomware protection to cyber insurance for SMEs, reach out to NetDiligence.
