Home - Article

Featured Article

October 02, 2023

Travelers Says 25% of Businesses Fail to Implement Basic Security Practices

Society is interconnected through the internet. With it, though, comes vulnerabilities. From nation-state actors seeking to compromise critical infrastructure to criminal organizations orchestrating elaborate ransomware attacks, the realm of cybersecurity has become a battleground where the stakes are high.

Cyber threats moved beyond the traditional image of lone hackers working in isolation. They now span a spectrum of sophistication, from state-sponsored campaigns with substantial resources to lone-wolf attackers leveraging readily available tools. It is crucial to not only understand the evolving nature of these threats but also to adapt and fortify defenses to protect the digital foundations upon which the modern world is built.

If not, look at what happened with breaches that affected businesses and organizations in Connecticut this year.

One that comes to mind is the Eversource breach. Connecticut customers who had participated in a solar incentive program managed by an external provider named CLEAResult may have had their personal information, including Social Security numbers, exposed.

Then, there was that data security incident that occurred at facilities operated by Prospect Medical Holdings in Connecticut, Rhode Island, Pennsylvania, Texas and California. The cyberattack disrupted hospital computer systems that forced some emergency rooms to close and ambulances to be diverted. Also, primary care services were closed as security experts worked to determine the extent of the problem and resolve it.

Not only do these attacks affect the organizations involved, but they also affect the public, which is damaging. Customer information is exposed, patients cannot get the care they need, and organizations now have a mark on their name. The financial and reputational damages have the potential to be severe.

With that said, only 58% of businesses show some level of concern about cyber breaches, according to the Travelers Risk Index. OK, so (in an ideal world) businesses should not lose any sleep about the possibility of security breaches, system glitches, insider risks and ransomware. A great cybersecurity posture would handle that. But the fact is, having a great cybersecurity posture that stays ahead of sophisticated bad actors is a daunting and nearly impossible task that even the tech giants struggle with. Look at the recent ransomware news surrounding Sony.

Organizations can say they have the best practices in place to prevent or mitigate cyber threats. Yet, that is basically putting paper over the cracks to deliver a good image and reputation. The fact is, according to the study, that at least 25% of businesses are not even implementing the most basic of practices such as firewalls, virus protection, data backup and password updates.

Here are some results the study found:

  • 64% of businesses do not use EDR.
  • Half of businesses do not have an incident response plan.
  • Nearly two-thirds of businesses do not have a post-breach team on retainer as part of an IR plan.

The one that sticks out, though, is that 44% of businesses do not use MFA for remote or admin access. The reasons are appalling, too. MFA is too inconvenient for users, there are other controls in place, and businesses do not know what options exist. The fact is, MFA is simple to implement and typically requires no external hardware, and MFA options can vary to meet the specific needs of the organization.

Appalling, right?

And it is only worse for SMBs. The percentages of SMBs not prepared with basic practices range from 10% to 20% higher on each point about.

It cannot be stressed enough how important it is to be prepared – this is considered the best defense against cyber threats. Implement solutions such as EDR, MFA, firewalls, data backup as well as a IR plan. Those effective solutions are proven ways to help your organization reduce the risk of becoming a cyber victim.

Another measure to take is to look at adding cyber liability insurance.

Cyber insurance provides a combination of coverage options and services to help protect businesses against data breaches and other cyber events as well as recover quickly if a cyberattack does take place. Cyber insurance covers the costs associated with data breaches and cyberattacks. Those costs include income lost, recovering compromised data and repairing damaged computer systems.

“Cyber risks have extremely serious consequences — one attack can weaken an organization or potentially put it out of business,” said Tim Francis, Enterprise Cyber Lead at Travelers. “Fortunately, there are effective measures that companies can take to address vulnerabilities and successfully manage through a cyber event.”

Edited by Alex Passett

Apex Technology Services
Choose from comprehensive, affordable solutions for IT consulting, network services and computer help desk support in Fairfield county including Norwalk, Darien, Stamford, Greenwich, Ridgefield and Bridgeport. Also Westchester county including Rye, New Rochelle, White Plains, Yonkers and New York including Manhattan and the five boroughs.


Apex Technology Services is a cutting edge MSP offering quality IT support to financial, medical, legal, Fortune 500 and government agencies while adhering to the highest of quality...



Apex Technology Services has the cybersecurity expertise to help your business in a world filled with attackers looking to shut down your business hold it ransom or steal your valuable...



Apex Technology Services delivers a combination of traditional IT functions such as infrastructure as a service (IaaS), applications, software, security, monitoring, storage...


Ranked Top 10 Network security Solution Provider

One Stop Shop For All Your Technology Needs

Contact us Now!