Top 3 Takeaways from the 2021 Verizon Data Breach Investigations Report 

It’s tough to find high-quality, independent data on cybersecurity breaches in the SMB market. Every year, Verizon releases their Data Breach Investigations Report (DBIR) and it usually contains some useful takeaways about how SMBs can protect themselves from cybercriminals. 

 At TechMD, we realize you probably have not read this 119-page report and won’t have time to get to it any time soon (if at all). So we did the reading for you, and here’s our breakdown of the Top 3 most relevant takeaways for your business. 

1) 85% of breaches involved a human element

When it comes to improving your cybersecurity, training and educating your staff is a critical component of any good strategy. Cybersecurity is not something that your IT can put together in isolation just by installing security products and defining technical configurations. On the contrary, cybersecurity defense is a team sport and requires all members in the organization to participate.  

The best approach is to develop relevant cybersecurity policies and procedures, and then train and educate all staff on following those policies and procedures. To be most effective, this process must be customized to your specific IT infrastructure and done under the guidance of a cybersecurity professional.  

2) Privilege misuse is a significant factor in cybersecurity breaches

Cybercriminals are very good at creating schemes to gain access to your staff’s credentials. They also know that small businesses are typically sloppy with their management of administrative rights, permissions, and identity management. In other words, a hacker can crack a single user’s password and very easily promote their access to an administrative level in a small business. This method ensures that ransomware encrypts more devices on an organization’s network, which leads to a higher probability of receiving a ransom payment. 

You should be asking yourself: how confident are you in the security of your IT policies and permissions? Odds are that you have not hardened your IT assets according to a known benchmark or standardized framework. Talk to a cybersecurity professional or schedule a cybersecurity assessment to better understand where you are vulnerable.  

3) Web application platforms are the clear top target

During the pandemic, many employees were forced to work from home and rely more on web applications, and consequently the use of web application platforms like Microsoft 365 and Google Workspace have increased exponentially over the past two years. Many organizations had to migrate to these cloud platforms quickly, and hackers know that small and mid-size businesses tend to overlook basic cloud security configurations. At a minimum, these web applications must be protected by Two-Factor Authentication. If your business does not have an experienced administrator for your web application platform of choice, find a company to work with and do an evaluation. 

2022 is the year to invest in your cybersecurity

We hope this article generates some productive discussion within your organization and helps your business move towards a more secure future. If for some reason your organization has not yet invested in a cybersecurity assessment, 2022 is the year to get that done. To hear more about TechMD’s standardized approach to cybersecurity assessments or managed cybersecurity services, contact us here.

Share:

Subscribe to TechMD Insights






More Posts

Russian Invasion Requires Increased Cybersecurity Alertness 

You have probably heard the news by now that Russia has invaded Ukraine, and this will likely have a major impact on the cybersecurity world moving forward. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is recommending that all American organizations be on high alert, especially small and mid-sized businesses as they are seen as softer targets for cybercriminals.

Top 3 IT Priorities for 2022

2021 has been another year of “unprecedented times” as the COVID-19 pandemic has continued long past what many expected. With this continued level of uncertainty, it’s more important than ever that organizations have their IT in order and prioritized. Our team here at TechMD have put together three top IT priorities for 2022 to help you be prepared for the ever-changing IT landscape.

TechMD Named on UpCity’s 2021 Local Excellence Awards!

We are excited to announce that TechMD has been recognized as one of the top B2B service providers of 2021 by UpCity! Each year, UpCity analyzes and scores more than 70,000 service providers based on their Recommendability Rating and acknowledges the top national and local providers with an UpCity Excellence Award.

Webinar: Microsoft 365 and the Modern Workplace

Many organizations already have Microsoft 365 licenses but are not fully leveraging the productivity, collaboration, and security features that come built-in with Microsoft 365. Learn how you can maximize ROI with Microsoft 365 and take advantage of some of the key features that most businesses overlook.