Excerpt from "Intruders at the Gate - Building an Effective Malware Defense System"

Many small business people are under the mistaken belief that they're too small to be a target of hacking, malware and data theft.  Nothing could be further from the truth!  Every year thousands or U.S. companies fall victim to hacking and lose $$$ Billions of dollars each year.  Over 31% of those victims are organizations with less than 250 employees and proportionally their loss is greater than larger organizations.  Malware threats grow exponentially worse every year.  In 2013, more malware was introduced into the wild "the Internet" than in the previous 20 years combines. 

Here's an excerpt from my new book - "Intruders at the Gate - Building An Effective Malware Defense System" that was just released on Amazon.com.  http://tinyurl.com/lr8w22e  that illustrates my point.

 

 

 

"First, let’s define what we’re talking about when we discuss malware.  People who don’t deal with this stuff every day get confused by the term malware and how it differs from the more commonly used term virus.   Essentially, malware is a broader definition of the same thing – unwanted programs that can harm your network or steal your information.  I won’t bore you with the technical delineations.  Malware is a contraction of the words Malicious Software and includes computer viruses, ransomware, worms, Trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious BHOs, fake security software, and other malicious programs.

Malware can be delivered using a variety of techniques including e-mail, infected web sites, direct hacker infections, infected portable devices and media and even via Wi-Fi.

According to AV-Test Gmbh in 2013, over 85 million new malwares were detected by their labs while McAfee claimed they detected an average of over 100,000 new malwares each day last year for a total of about 36.5 million malwares.  Kaspersky labs claimed they detected over 300,000 new malwares each day in 2012 or about 109.5 million for the year.  No matter which total you believe, you’ve got to admit that they’re all pretty staggering numbers!

Here’s the basic problem.  As competitors, Anti-Virus companies don’t really talk to each other and share information.  Each company does their own thing with their own staffs and come up with differing solutions to defeat the hackers that write all of this stuff.

According to a Ponemon Institute study in October, 2012,  they determined that small organizations incur a significantly higher per capita cost than larger organizations ($1,324 versus $305) for cybercrime like hacking events, information theft and malware intrusions. Never think that you’re too small to be a target for hackers.  While the payday for hacking large organizations might be bigger, small organizations tend to be easier targets because they don’t have the resources that bigger companies have to protect themselves.

To give you an idea of how fast your network can be compromised, consider two statistics experts provide on infection speeds and corresponding remediation times.

The amount of time between when a hacking attempt starts until a successful compromise is achieved is:

Within Seconds    -   11%
Within Minutes     -   13%
Within Hours        -   60%
Longer                 -   16%

Now consider, that once a network is compromised, the typical attacker goes undetected for 243 days according to Mandiant Corporation, a leading security management form.

84% of network intrusions are accomplished in under an hour and once a network is infected the average time it takes to figure it out is 243 days?  YIKES!

You’ve got to admit those are some pretty scary statistics.  For now, I’m just trying to give you a feel for the scope of the security threats you’re facing every day."