Every day it seems like there is another cyber-attack impacting small businesses. Per the Ponemon Institute, 61% of small businesses have experienced a cyber-attack in the past 12 months (up from 55% the previous year)1. In fact, the U.S. Securities and Exchange Commission estimates that most targeted cyber-attacks are directed at small businesses2.
As this landscape is rapidly changing and October is national cyber-security awareness month, it’s more important than ever for IT and MSP professionals to take the time to understand their vulnerabilities and to learn how to proactively protect themselves.
A key area where IT professionals can improve their ability to proactively protect themselves is against ransomware attacks. 52% of small businesses reported experiencing a ransomware attack in the past year and this number is on the rise1.
Luckily, there are tools available to IT professionals to help them proactively combat ransomware attacks. These tools focus on patching known vulnerabilities, which is an extremely effective way to stay ahead of cyber-attacks. Per Fortinet, 90% of cyber-attacks in the last year could have been avoided if people updated and patched their systems3. In addition, the research found that, of companies who experienced a cyber-attack, 60% experienced a successful attack for which a patch had been available for over a decade3.
The importance of utilizing these patch management tools is shown through the recent WannaCry cyber-attack.
WannaCry was a destructive ransomware attack that impacted more than 100 countries4. For the vulnerability that was attacked, Windows had released a patch a month prior. All the companies that fell victim to the attack had not implemented the Windows patch which left most IT departments and MSPs scrambling the days after the attack to lock-down and ensure their systems were properly patched. If these organizations had been proactive with updating their patching, they would have prevented the attack from impacting their networks and daily business operations.
With national cyber-security awareness month upon us, we should all be thinking through the best practices we should implement to improve our security and minimize our risks – and patch management is one of the best places to start.
- Ponemon Institute, ‘2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB)’, 2017.
- U.S. Securities and Exchange Commission, ‘The Need for Greater Focus on the Cybersecurity Challenges Facing Small and Midsize Businesses’, 2015.
- Fortinet, ‘Report: Dissecting Our Q2 Threat Landscape Research’, 2017.
- Smarter MSP, ‘The Most Telling Cyber-Attacks and Data Breaches of 2017’, 2017.