David DuncanDavid Duncan

News outlets around the United States echo an eerie warning: Russia is preparing cyberattacks against various companies. In late March, President Biden warned of Russian cyberattacks against the U.S. based on new intelligence collected from the Putin regime. “The magnitude of Russia’s cyber capacity is fairly consequential, and it’s coming,” Biden warned. Russian cyber operations could provide a means for retaliating against the U.S. and other NATO countries for their support of Ukraine without crossing the threshold for more significant conflict. Small and medium-sized businesses are the most vulnerable to the expected wave of Russian-backed ransomware operations. Most SMBs are the perfect target for ransomware gangs due to the lack of security controls and dedicated cyber security professionals. Why are SMBs a lucrative target? It’s simple, SMBs have fewer resources and staffing to prepare for, defend against, and recover from a ransomware attack. As a result, attacks against SMBs have increased by 150 percent over the past two years.

The public relations industry isn’t immune to cyberattacks, and a cybercriminal might find a PR firm to be the perfect target. PR firms generally handle multiple clients, retain confidential client data, and regularly communicate with their clients. Furthermore, PR companies tend to access client-sensitive data, the agency’s financial data, employee information, and journalist contact details. Moreover, PR firms generally fall into the SMB market and have fewer resources to support a robust cybersecurity program. Additionally, many PR agencies have shifted to remote work, and implemented Bring Your Own Device, hybrid cloud and on-premises infrastructure approach. This shift in how PR firms work has left them open to numerous vulnerabilities that cybercriminals look to exploit.

This article is featured in O'Dwyer's May '22 PR Firm Rankings Magazine
(view PDF version)

It’s important for your company to prepare for a cyberattack before it’s too late. The tips listed below can help protect your small and medium-sized businesses from unwarranted cyberattacks and communication methods to mitigate the negative effects if your company faces a cyberattack or data breach.

Five tips to help protect your SMB from a cyberattack

Multi-Factor Authentication: Multi-factor authentication is one of—if not the—most crucial cybersecurity defenses in existence. According to the U.S. National Cyber Security Chief, using MFA is one of the best ways to stop 80 percent to 90 percent of all cyberattacks. MFA is a security method that requires two or more authentication factors to verify a user’s identity.

Strong password policy: Using secure passwords is essential to prevent network intrusions. The more secure your passwords are, the harder it is for a hacker to invade your system.

Upgrade legacy systems and patching: Legacy systems are vulnerable to attacks, failures, and other unexpected operational interruptions, so why have they not been replaced? Organizations either fail to understand the risk or have not replaced legacy systems because of budget constraints, IT priorities, or the complexity of replacing an indispensable component of their enterprise. Consequently, these vulnerabilities cost businesses time and money and could result in complete system failure.

Reduce the active directory attack surface: Within Active Directory, a default set of privileged accounts and groups called “protected” accounts and groups are secured differently than other objects in the directory. Any account with direct or transitive membership in any protected group—regardless of whether the membership is derived from security or distribution groups—inherits this restricted security.

Regular pen test: The main reason penetration tests are crucial to an organization’s security is that they help personnel learn how to handle any break-in from a malicious entity. Pen tests examine whether an organization’s security policies are genuinely effective.

Communication methods to mitigate the negative effects of a cyberattack

Understand the difference between a cyberattack and a data breach. A cyberattack is an unauthorized attempt to access a computer network or a malicious attack against an organization’s network, like a distributed denial-of-service attack. A data breach is a security violation in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an unauthorized individual. Data breaches are generally more damaging to an organization’s reputation and have stronger laws surrounding how an organization responds to a data breach.

Respond quickly and sincerely. A best practice is to have statements prepared well before a cyberattack. Generally, you should have a statement prepared for internal use and one for external use. Moreover, it would be best to have statements for the different types of breaches to ensure all your bases are covered. Lastly, don’t issue notifications without consulting external counsel specializing in cyberattacks/data breaches.

Maintain a line of communication with all parties affected. Once again, don’t act unless directed by your cyber counsel. Explain to your employees and customers how you're handling the cyber security incident. Clear and concise messaging is essential during this chaotic time. Explain that you’re working to repair vulnerabilities, secure the network and protect information. Lastly, you must explain that you are taking steps to ensure this does not occur again.

Lastly, offer help to your employees and clients. They’re victims like you and are unsure what to do next; they’ll seek guidance from the organization. Work with your organization and your cybersecurity counsel to determine what you are legally obligated to do and anything extra that you can extend to your employees and clients. Credit monitoring or identity protection is an excellent option for all parties affected by a cyber incident.

As the war on cyber continues to disrupt business operations, it’s important to identify ways your company can minimize risk and best prepare for potential cyberattacks. The United States has been forewarned to be aware of the digital war that is to come, and it’s in the best interests of companies to heed these warnings and put the steps in place to protect their businesses from potential costly breaches and attacks.

***

David Duncan is Cybersecurity Technical Director at Anchin / Redpoint.