The Rea Report Summer 2017 | Seite 3

E V O LV I N G WITH THE TIMES This is the second article in our new series about what businesses should be anticipating to help them be wildly successful. Fighting Back Not only are small businesses at an increased risk of being targeted by cybercriminals, once attacked, the likeli- hood of survival decreases significantly. That doesn’t mean you shouldn’t fight. There are a variety of great resources out there to help protect your business from a cyberattack. Notably, government officials recently compiled industry best practices and mitigation strategies focused on the pre- vention and response to ransomware. In the U.S. government interagency report, How to Protect Your Networks from Ran- somware, the following step-by-step tips are highlighted due to their effectiveness. 1.  Educate your staff. Your staff is your first line of defense. Therefore, the first step should always be to remind your employees to stay vigilant and to nev- er click on unsolicited links or open unsolicited attachments in emails. 2. Take preventative measures. There are quite a few tactics you should take to maintain a proactive stance throughout your organization. Here are a few measures we recommend to our clients: • Implement a cybersecurity awareness and training program. • Prevent phishing emails from reach- ing the end user by enabling strong spam filters. By Brian Garland, CPA, supervisor, [email protected] (Dublin office) • Scan all incoming and outgoing email. VPN connection if one is being used. • Configure firewalls to manage access. 2.  Secure backup data or systems by taking them offline. • Patch operating systems, software and firmware on all devices. 3.  Contact law enforcement immedi- ately, including a local field office of • S et anti-virus and anti-malware the FBI or U.S. Secret Service. programs to automatically conduct regular scans. 4.  C hange security access and passwords, if possible. • Manage the use of privileged ac- counts. No user should be assigned administrative access to a file, folder or server unless absolutely necessary. • Implement software restriction policies. 3. Create a continuity plan. While an attack may be bad for business, the time it takes to recover can be ab- solutely devastating. Minimize your recovery time by implementing and managing a comprehensive business continuity plan. Your plan should in- clude regularly backing up your data, conducting annual penetration tests and vulnerability assessments and properly securing your backups. Jess Howard Electric, a Rea client in Central Ohio, is proof that a small business can recover from a ransom- ware attack. By maintaining the proper safety protocols and adhering to strict policy and procedure, the company has successfully recovered from two attacks that could have crippled the business. Read their story in this edi- tion’s Client Spotlight on page 10. Shut It Down If your business does fall victim to a cyberattack, the following steps will help minimize the damage and shorten recovery time. 1.  Contact your IT team and isolate the infected computer immedi- ately by disconnecting the cable that attaches the workstation to the company network, or disconnect the Discover more tips that can help protect your business from a cyberattack on unsuitable on Rea Radio. Episode 88 features Joe Welker, CISA, talking about the newest ransomware threats businesses are facing nationwide. Check it out at www.reacpa.com/episode-88. 3