Businesses should outsource their cybersecurity if they cannot provide adequate protection using in-house resources. The difficulty is knowing when those internal resources are not enough to handle the growing number of cyber threats today. It’s easy to assume that the same resources are adequate today as they were two or three years ago, but, that’s rarely the case. To determine whether you should outsource your cybersecurity to a dedicated IT service provider or cybersecurity company, ask yourself the following questions:
- When was your in-house team’s last employee training?
- What is your schedule for applying software updates?
- When was your last full-system backup?
- Are you using a zero-trust approach?
- How good is your antivirus scanner?
- Are you monitoring your endpoints?
If you don’t know or can’t remember, maybe it’s time to consider outsourcing.
Questions to Ask When Considering Your Outsourced Cybersecurity Needs
When Was Your Last Employee Training?
IBM’s annual report on the cost of a data breach attributed 95% of all compromises to human error, with compromised credentials topping the list.
- 20% of compromises were the result of lost or stolen credentials
- 17% were caused by phishing
- 15% were due to cloud misconfiguration
- 4% were due to business email compromises (BEC)
Threat detection isn’t immediate. Credential compromises took an average of 250 days to identify and 91 days to contain by IT security professionals. That means a compromise that began on January 1 would not be fully contained until December 7, giving hackers almost a year to wander through your system collecting data. BEC attacks were the most costly, averaging over $5 million.
If you can’t remember your last cybersecurity training session, your business is a security breach waiting to happen. Cybercriminals work 24/7/365 to identify innovative ways to compromise a system, making yesterday’s threat landscape training of little use in combating today’s cybercrimes. Without continuous training, employees are more likely to click on a malicious link or respond to a bogus email; with proper training, you’ll always have peace of mind knowing that your network and data are secure.
Cybersecurity MSPs have the expertise to train everyone from the CEO down on the latest threats. They can explain the criticality of effective password management and highlight the latest smishing or phishing techniques. MSPs can help in-house IT staff stay current on threats and trends to reduce the chance of an attempt to go undetected.
Do You Schedule Software Updates?
Scheduling software updates have become more complex. With remote work gaining popularity, employees are accessing the system outside regular working hours. Finding the best time to apply an update may require a 2:00 am start time, adding more stress to an already overwhelmed IT support department.
Ignoring updates can have unexpected consequences. Software updates include more than bug fixes and feature enhancements. They also include network security fixes designed to prevent cybercriminals from exploiting a known vulnerability. If the update isn’t applied, the vulnerability continues to expose your system to cybersecurity threats.
For example, Microsoft’s Exchange Server suffered a widespread attack in 2021. Cybercriminals exploited known vulnerabilities of locally installed Exchange Servers to exfiltrate data from an internal network. The breaches became a national security issue because the compromises were traced to China. The White House appealed to all organizations using Exchange Server on-premise to update their systems immediately.
Microsoft issued four updates between 2010 and 2019 that addressed the problem; however, many organizations and small businesses did not apply the updates. Few companies considered that a failure to apply a software update would result in a national security concern. That’s why businesses must apply updates promptly.
When Was Your Last System Backup?
How often is a full-system backup performed? Are incremental backups automatic, or do they require human intervention? These are just two factors to consider when scheduling backups. Organizations should consider what is being backed up and where the data is stored. They also need to determine where the backups will reside. At a bare minimum, you should ensure that your core business files are protected and secure in case of an attack.
Backups were often stored on the same network as the production system; however, onsite storage is no longer enough. Aggressive ransomware such as Ryuk is being tailored to a specific target. Hackers begin an attack by disabling system copies and disrupting automated backup processes. When they finally launch an attack, the backups cannot be accessed, increasing the odds of paying a ransom.
Storing backups offsite has become a best practice in a cybersecurity strategy. These offsite backups also strengthen a company’s disaster recovery or business continuity plans. Whether it is a cyberattack or a natural disaster, having full system backups at another location can minimize the disruption to daily operations.
Although most companies back up their systems, they don’t have a standard schedule or process for when and how it gets done. A recent survey found that:
- 15% of businesses back up their system multiple times a day
- 26% backup once a day
- 28% backup once a week
- 20% backup monthly
- 10% do not backup
Establishing an effective backup strategy should minimize the IT resources needed to accomplish a routine task without compromising security measures.
Are You Using a Zero-Trust Approach?
Zero trust is a security concept that does what its name says: it trusts no one. The framework assumes that every attempt to access the system is a potential threat. Before zero trust, users logged into the network and had permission to access resources regardless of their job. For example, accounting could access engineering drawings or sales forecasts, even though they did not need that information.
If your cybersecurity processes assume that everyone is a threat, access would be restricted to only the needed resources. This approach is known as least privilege. As an example, not everyone in accounting needs access to accounts payable or accounts receivable. Only those responsible for the specific function should be granted access. Although setting up a zero-trust authentication and access policy may be more wor for your IT team, it’s an essential component of strong data security operations.
Part of zero trust is multi-factor authentication (MFA). Using MFA is especially needed as more employees continue to work remotely. When a remote worker accesses the system, are individuals who they say they are? Since compromised credentials are a leading cause of data breaches, ensuring a user’s identity is crucial.
The financial services industry has used MFA for years. When customers use online banking, they are asked to provide a username and password. If the information is validated, then a code is sent to the cell phone number associated with the account. The customer enters the code in real-time, which is verified before access is granted. A hacker may compromise online credentials, but it is unlikely that they would have access to the customer’s cell phone.
How Good Is Your Antivirus Scanner?
Antivirus scanning software has been around for so long that many organizations forget they even have a solution. Yet, antivirus scanning solutions are not the same. Some antivirus software compares potential threats to a database of known viruses and removes those that match. Others look for advanced persistent threats (APTs). Which one you choose depends on your business needs.
APTs are attacks that go undetected for an extended time because cybercriminals deploy sophisticated tools to disguise their efforts and delay incident response. Antivirus scanners should detect malicious code in phishing emails or block access to suspicious sites. Although they may be a fundamental part of a cybersecurity strategy, antivirus scanners should be reviewed to determine how well they keep pace with the environment.
A 2021 survey found the following:
- Mid-sized businesses paid an average ransom of $170,404 (U.S.)
- 37% of organizations suffered a ransomware attack within the last year
- Only 65% of a company’s compromised data was recovered after paying a ransom
The US ranks third after India and Austria for the number of ransomware attacks. Having a strong antivirus scanning solution is fundamental to a strong cybersecurity strategy.
Are You Monitoring Your Endpoints?
What happens at the network’s edge is just as crucial to an organization’s security as the activities at its core. How many internet-of-things (IoT) devices do you have deployed? Do you have a network-connected printer? Can you access your security system from your phone? Every device that can access your network is a potential entry point into your network.
Many in-house cybersecurity teams organizations (35%) lack the visibility to see their endpoints, making it impossible to respond to threats they can’t see. Research discovered that
- IT spends 36 hours a month on endpoint monitoring
- Over 40% of companies take at least a week to distribute critical patches
- Another 40% take more than a week
With more employees working remotely and more devices connecting to business networks, endpoint monitoring has become a key priority for cybersecurity experts worldwide.
Is Outsourcing Cybersecurity the Right Move for Your Business?
If you’ve tried to employ a cybersecurity specialist, you’ve experienced the impact of the cybersecurity labor shortage firsthand. At the beginning of 2022, the U.S. had 435,000 unfilled positions. Each unfilled position presents another opportunity for a hacker to compromise your system. MSPs are one cost-effective way to bridge the gap between what your staff can do and what is needed to protect your business.
Cybersecurity has increased its complexity. IT staff need expertise on how to secure a system that includes cloud, on-premise, and hybrid deployments. With the rapid changes in technology, it’s difficult for IT personnel to remain current on all aspects of cybersecurity. That’s why answering these questions can help identify where an MSP can help strengthen your cybersecurity posture.