Small businesses increasingly face the same cybersecurity risks as larger businesses but with fewer resources to protect themselves. In fact, according to the 2018 State of Cybersecurity in Small & Medium Size Businesses study by the Ponemon Institute:
- 67% of small and medium-sized businesses have been affected by a cyberattack
- 82% of attacks were not caught by traditional antivirus software
- 61% of SMBs have been attacked by ransomware
- 70% paid the ransom at an average of $1,466 per incident
Worse yet, between 2017 and 2018:
- Data breaches are up by 4%
- Cyberattacks are up by 6%
- Ransomware incidents are up by 9%
We can expect these numbers to increase when the 2019 figures are tallied. The fact is that the problem is only getting worse; it’s not a matter of “if” but “when.”
The traditional concept of “antivirus software,” which arose with the first products released in 1987, started to enter obsolescence sometime early this decade. Industry leaders first began noticing the decline around 2012 when the volume of malware samples began to outstrip the ability of antivirus vendors to write new signatures to block the malware. Both the volume and sophistication of malware has continued to increase exponentially; it’s estimated that there are now 350,000 new variations of malware per day.
To make matters worse, malware and ransomware are a valuable criminal enterprise, incentivizing the cybercriminals to try harder. Aside from ransomware payments made, ransomware damages are predicted to reach $11.5 billion in 2019. Ransomware costs include damage and destruction (or loss) of data, downtime, lost productivity, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hostage data and systems, reputational harm, and employee training in direct response to the ransomware attacks.
New threats require new solutions. Any product that attempts to protect the endpoint (desktop, laptop, etc.) in this era of vulnerability and risk can’t just target present threats – it must also be future-proof.
Enter Endpoint Detection and Response (EDR) solutions, which target malware behavior instead of identity. The number of malware behaviors is considerably smaller than the number of ways a malicious malware might look, making this approach suitable for prevention and detection.
Consider this analogy. Security professionals (e.g. soldiers, police, guards, etc.) might stop someone and ask for identification. If an ID is provided, is that it? Is any criminal with an ID guaranteed to bypass security? The answer is no. Thankfully, well-trained security professionals receive extensive training to help them spot suspicious behavior which may indicate that someone is not who they say they are.
EDR solutions are the well-trained security professional for your network, providing the following sophistication protections and many more:
- Real-time protection for known and unknown threats
- Protection from polymorphic and disguised threats
- Watches processes as they run in case they “turn bad”
- Allows quick rollback to a known good state when an attack does occur
Are you ready to have a well-trained security professional guarding your network 365x24x7? Contact the security professionals at Colden Company at 888-600-4560, email us, or visit us on Facebook or Twitter.