There are many resources available to help your IT team or outsourced partner meet some of the basic policies to protect your business: A network with a firewall, encrypting data, cyber-security insurance and a next generation AI endpoint protection.
But despite these options, over a third of organizations still admit they are unprepared for cyber attacks, according to the eSecurity Planet’s 2019 State of IT Security survey.
Some questions to ask your IT service provider:
- Do we perform penetration testing?
- Do we perform phishing email response testing and education?
- Do we perform threat hunting? (are we already compromised?)
- How often to we review our cyber-security preparedness?
- How quickly could we recover critical data from a backup in case of crypto virus?
But you may be thinking, I’m a small business and not a target for any cyber security issues. Unfortunately, especially with phishing, your data might be a target due to the lack of formal education to help your users make good decisions when they receive a phishing email.
It is also a good idea to have a professional IT consultant review your Microsoft Office 365 tenant for security best practices.