Northeast IS, a leading managed technology services provider (MTSP), announced today that the company has launched a Zero Trust-as-a-Service designed to protect SMBs (small to mid-sized businesses) from the burgeoning cybercrime industry. Zero-Trust is a security framework which states that organizations should not trust any entity inside or outside of their perimeter at any time. It is necessary in today’s environment to provide the visibility and IT controls needed to secure, manage and monitor every device, user, app and network being used to access business data. While most business owners have been taught that cybercriminals are lone, rogue actors who wear a dark hoodie and crack passwords from a musty basement, the reality is that the industry has evolved far beyond this state and unfortunately, cybercrime has become a viable business model. Instead of a handful of isolated bad actors, cybercrime is now “big business” with entire technology ecosystems supporting the acceleration of this industry.
Nowadays, cybercriminals can peruse a marketplace of highly sophisticated software tools, purchase these tools, select a payment plan (own, rent via monthly subscription or pay a licensing fee based on their usage of the tool) and even contact customer service personnel who are on standby, ready to offer technical support if they have questions when they deploy those tools. To repeat, cybercriminals now have “help desks” which they can consult for assistance with their crimes. Consequently, cybercrime as an industry is booming. This entire ecosystem of software developers, dark startups and licensors/licensees are propelling the growth of this industry illustrate just how far cybercrime has come in recent years. Northeast IS is actively informing SMBs and educating them on how to step-up their defenses.
While the mainstream media has covered many ransomware attacks over the past few years, ransomware payments are still increasing at an alarming rate. According to a report by Statista Research Department, in 2022, 71% of companies worldwide were affected by ransomware. Additionally, a survey of global IT professionals found, around 72% of the respondents paid the ransom and recovered the compromised data. No wonder the illegitimate industry is exploding.
Despite the expansion of cybercrime, there are still plenty of practical solutions available for SMBs to fortify their defenses and secure their organizations. With 85% of data breaches involving human interaction (DARKReading), the first line of defense for many businesses is to provide cybersecurity awareness and defense training for employees. That way, they can minimize the amount of “human error” available for cybercriminals to capitalize on.
Northeast IS’s new Zero Trust-as-a-Service program takes a different approach by aggressively restricting and pre-filtering phishing emails from ever reaching employee inboxes, in the first place. C.G. Frink, President at Northeast IS commented, “The less exposure your organization has to human error the better. With many business owners sending staff to work from home in response to the growth in remote working, they need to also address network security issues and ensure that employees are accessing company data through secure internet connections, firewalls and more. If you’re sending 35 employees to work from home, you need to approach the business like an enterprise would and start thinking that you now have 35 satellite company offices which need to be monitored, managed and secured.”
Business owners are not IT experts and can have difficulty immediately discerning the level of protection their existing IT personnel or provider is offering them and are forced to trust the word of their staff. Frink added, “One of the simplest ways to figure out if your IT provider is adequately addressing the growth in cybercrime is to inquire for their ‘advanced’ or ‘VIP’ package. Not that you need to purchase it necessarily, but if they don’t have that as an option, or if your IT costs have not increased over the years to keep pace with the massive growth in cybercrime, those are hints that your organization may be under protected.”