Preparing for the Next Petya

Author: Datto CISO Ryan Weeks

The Petya and Wannacry viruses have become household names, causing concern that cyber-attacks have escalated among businesses of all sizes. But, the news headlines have been focused on large, well-known enterprises such as WPP, Mosanto, Mondelez and Maersk who fell victim to the most recent attacks. While these multinational corporations have dedicated IT security departments to defend against these threats, they were still compromised. 

An even bigger threat looms for millions of small- and medium-sized businesses (SMBs) that don’t typically have the budget to hire a dedicated IT person. This critical void leaves SMBs highly exposed to evolving cyberattacks. A report from Cybersecurity Ventures found that nearly half of all cyberattacks are committed against small businesses. Plus, additional research recently conducted by Datto uncovered that 57 percent of SMBs have already experienced a ransomware attack in 2017, according to our latest ransomware research report.

As an alternative to hiring IT staff, SMBs should consider outsourcing their IT needs to Managed Service Providers (MSPs), which can help thwart cyberattacks and provide professional, highly personalized and cost effective IT support, allowing SMBs to focus on their core business. Small- and medium-sized business can benefit from the security and business continuity services offered through MSPs in a number of ways:

Monitoring the threat landscape:

MSPs serve as guardians for any small business’ IT infrastructure by delivering ongoing monitoring and management of employee e-mail, website and back-office applications. MSPs are constantly in-tune with the health of their clients IT environment and constantly assess cyberattack vulnerabilities. These professionals take a proactive approach to IT to avoid devastating impacts to their clients revenue and reputation that can result from cyberattacks.

As an example, an employee at bottling company Continental Food and Beverage (CF&B), recently clicked on a malicious phishing email, which allowed ransomware to gain access to the company’s IT infrastructure. It encrypted the company’s shared resources, and CF&B employees were locked out of the critical back office applications that run their business. Fortunately, the company’s MSP, SWK Technologies, had already installed a data backup and recovery solution as part of CF&B’s IT ecosystem. SWK Technologies was able to identify the threat, find a recent data restore point and perform a data restore in a timely manner. Needless to say, CF&B’s quick recovery saved the company hundreds of thousands of dollars in delivery delays and lost revenue.

Expertise in IT:

Lack of cybersecurity training is a leading cause of ransomware infection. Employees don’t always receive the training or possess the knowledge necessary to avoid cyberattacks. This leads to employees visiting unsecure websites, opening malicious emails and more. It is no surprise that a recent report from Kaseya, found that heightened security risks ranked as the top IT problem or service that MSPs had to address in 2016. MSPs serve as a safety net for SMBs when they make these critical mistakes. The ongoing monitoring and software management that these professionals provide is particularly important, because keeping software patched and up to date is essential to protect against security breaches.

Reducing Pain Points: 

Outsourcing IT tasks to a MSP allows a small business to focus on developing their core business, rather than managing day-to-day IT needs. This is especially important since SMBs are often stretched thin with scarce resources at their disposal and very little buffer to survive extended business interruptions. For example, protecting company data through backup and restore has long been difficult for SMBs. By placing this task in the hands of experts, SMBs can rest easy that their data is being protected against malicious or inadvertent actions while reducing business risk.

Reducing Costs: 

Shifting IT management over to MSPs can also render cost savings. Managed services are generally more cost-efficient than hiring a dedicated IT person, and the knowledge and expertise of an MSP is typically far greater. According to the latest figures from Kaseya, 77 percent of businesses pay under $1,000 a month for managed services. This is certainly a savings on the yearly salary of an IT person in the United States.

MSPs understand the need to provide effective data protection and keep their customers current on the latest IT security services. They know their customers environments and ensure patches are deployed and vulnerabilities are addressed proactively. Also, MSPs care about their customers because they know that any SMB that suffers two or more days of downtime is likely to go out of business within a year. To avoid this, they simply deliver better service, support and overall value relative to any other options available in the market, and even outperform many of the dedicated IT departments of multinational corporations.

Ryan Weeks is chief information security officer at Datto, where he is responsible for directing and managing Datto’s Information Security program. Read more Datto guest blogs here.


Return Home

No Comments

Leave a Reply

Your email address will not be published.