Not too small to be

overlooked by cyber-criminals
50% of small businesses have been the target of a cyber attack
If youre a business, theres a target on your back, or your data to be more precise. Cyber criminals
have developed a lucrative, black market enterprise that will rival some major companies when it
comes to valuing information thats been hacked from legitimate sources.
Hardly a week goes by without a release about a high-prole cyber attack against a company. At
a presentation entitled, Hacked: The Realities of a Cyber Event hosted by Travelers in Washington,
D.C., recently, a panel of experts discussed the impact of cyber crime on small to medium-sized
businesses. One in two companies report being the target of a cyber attack, stated Tim Francis,

CloudAccess is an award-winning
cloud-based security-as-a-service...
company focused on delivering a
comprehensive security platform in the
cloud or on-premise. CloudAccess
REACTTM is a unique security oering that
analyses patterns of behavior, identies
anomalous behavior and takes action in
real-time to protect enterprise assets.
REACTTM can integrate with any security

enterprise leader for cyber insurance for Travelers. Sixty percent of attacks last year struck small

product, database, directory and other

to medium-sized businesses. He said there are 34,529 known computer incidents each day and

sources to correlate identities, access

the goal for the bad guys is to make money as easily as possible.
All of the information stolen has value on the Dark Web, where names, social security numbers,
credit cards and other data are available for sale. Credit cards can be purchased for $10 to $35 per
name. Social security numbers are worth signicantly more because they can allow users to open
bank accounts, credit cards, rent apartments and basically create a new identity.

rights, network security information,

user behavior, application behavior and
other events to establish a pattern.
REACTTM compares patterns of behavior
at any point in time with the historical
patterns to identify the anomalous
behavior.

Purveyors of information on the Dark Web are extremely sophisticated, even providing credit card
return policies if the cards purchased dont work, and customer service to help criminals use their
stolen information eectively said Francis. You can purchase specialized information, like credit
card numbers for 30-35-year-olds who live in lower Manhattan, he added.

REACT TM at a glance: Extending SIEMs capabilities-identify anomolous behavior, take action in real time
Integrates SIEM, IDM, AM, Log

Creates predictive analytic intelligence

Analyze patterns of behavior

Correlates detailed metrics of devices, users, apps

Recognize threats in real-time

Centralize mutliple silos of security

Connect to any security solution Manage from the cloud OR on-premise

877.550.2568 info@cloudaccess.com www.cloudaccess.com

Just last week, T-Mobile announced that approximately 15 million customers who had applied for credit with the
mobile carrier had their information stolen by hackers who accessed a database run by credit monitoring rm,
Experian. Hackers accessed names, addresses and social security numbers.
Commenting on the breach, Francis said, Cyber threats are increasing, but businesses can take action. Hackers
have evolved and are now more sophisticated than ever.
He said that the industry is seeing more state aliated hackers coming out of countries like China, North Korea
and Russia. And some hackers attack companies because they dont agree with their ideology or what their
business does as in the case with Ashley Madison. An industry or outspoken CEO can cause a company to
become a target, Francis explained.
Data breaches still cause the largest losses for companies, and frequently the breach is due to vulnerabilities
from within the company such as an employee who works from home and has his or her computer hacked, or
somehow loses a computer with unencrypted information.
Small businesses are particularly vulnerable because they may not have the resources to prevent an attack or
they may believe they would never be a target. Chris Hauser, second vice president with Travelers Investigative
Services said that small businesses also may not vet their new employees as carefully as larger companies with
more resources and may hire the wrong person such as an employee who skims credit cards.
Hauser said, Sometimes employees dont act maliciously, but they may do something wrong unknowingly.
He gave an example involving social engineering, a sophisticated attack where the hacker poses as a company
executive who sends an employee what looks like a legitimate email instructing the employee to transfer money
from one account to another. The reality is that the wire transfer goes into the hackers oshore account and
the money will never be recovered.
In another scenario, an employee may click on a link that puts a Trojan program on the server that allows
hackers to gain access to the companys database. Other hacks may allow someone to access a companys
social media credentials so they can take over the rms social media sites and post information that will
harm the business in some manner.
CloudAccess CEO Kevin Nikkhoo said that many companies post the wrong information on social media or
they outsource data to a vendor who doesnt protect the information being shared. Its still an issue for the
company that outsourced the data management because they are responsible for the information.When
companies reach out to his rm, Nikkhoo said the priority is to get a sense of what transpired.
He asks questions such as:
Was customer information hacked?
Were employee records impacted?
When was the last time the company purged the data?
Did they get into your payment processes and access credit cards?
How far back do the records go?

877.550.2568 info@cloudaccess.com www.cloudaccess.com

He doesnt expect the company to have all of the answers, but since there are deadlines for federal regulators,
understanding what kind of information is in play is critical. We need to deal with provable facts, bring in a
forensic company, develop a scope of work and come up with a plan of attack, he explained. We need to know
how many records were touched, what burned and what didnt burn.
Managing the Message
Once the scope of the breach has been identied, the company must develop a plan to share that information
with customers, regulators if they are publicly held, the media and the public in general. How the details of the
breach are explained and the information conveyed to all of these constituents is vital in repairing the damage
to the companys reputation.
Melanie Dougherty, CEO and managing director at public relations rm, Inform said, The natural response is
to shut the door to the media, but many times you are obliged to respond for legal or regulatory reasons.
Since many breaches stem from human error, companies need to be prepared for this eventuality and work on
messages that will help them recapture their customers and their reputations. Its not the breach, its the
perception of a cover-up that can cost a company, she added.
For a small company, a data breach can force them to shut their doors forever, said Francis. He shared that
one Travelers customer spent around $300,000 to nd out they didnt have a breach, but it was still important
information for the company to have and it allowed them to see how their processes would work in the event
of an actual breach.
Four common weak spots for companies were identied:
Intrusion detection software this raises a red ag when a system has been breached. Its important to
have someone in the company monitor this and respond immediately when a breach is detected.
Encryption of private data encrypting data can turn a lost laptop into a paperweight, although a sticky
note with the password on the computer can undo an expensive encryption program
Patch management companies have to apply them to patch vulnerabilities in programs and keep
software up to date
Vendor mismanagement vendors have to be trustworthy and protect the information they are
entrusted with for a company
All companies are vulnerable, regardless of their size and insurers are now tailoring policies to meet
the needs of all businesses. Less than 20% of companies have cyber insurance now, said Francis.
With the reality becoming more of a when scenario as opposed to an if possibility, companies
will need to be proactive in managing this emerging risk. Once a data breach happens, the
biggest problem is that no one knows who to call, added Francis. Its important for businesses
to create clear action plans to help manage the data breach.

877.550.2568 info@cloudaccess.com www.cloudaccess.com