According to the recent ISBS 2013 Survey, 78% of large organisations were attacked by an unauthorised outsider last year (an increase from 73% the previous year), while 63% of small organisations were similarly attacked from outside – a big increase from 41% the previous year. Small businesses are now squarely in the cyber firing line, and are being attacked much more frequently than before.
External attackers take advantage of vulnerabilities in network connections to the Internet and in corporate websites. Basic security practice in today’s climate should include quarterly security scans and penetration tests of all Internet-facing resources and connectivity, with identified vulnerabilities patched as fast as possible.
As we move into an era of ‘negative day’ attacks, taking no action to identify and close vulnerabilities is no longer an even vaguely sensible option!