Dennis Champion, a chief information officer at masterIT, works through a security problem at his office.  The company says most Memphis area businesses are not ready for a cyber attack. (Daily News/Houston Cofield)

While most local businesses believe a cyber attack or hack could significantly impact their bottom lines, many are not adequately prepared, according to a recent survey by SunTrust Bank.

With incidents expected to continue increasing in the coming years, some companies might need to beef up their IT budgets and cyber-security efforts.

“Given that we’re a purpose-driven company and we focus on the financial well-being of our clients, this is something that‘s been on our radar,” said SunTrust Bank Memphis Region president Johnny Moore. “It’s really something that we believe is not being given enough attention at the right levels because there is a lot of exposure out there.”

The survey found that more than 90 percent of businesses think a cyber event would impact their bottom lines, and two-thirds feel it would be significant. But companies currently dedicate only 6 percent of their IT budgets to combat cyber risk.

The majority of U.S. middle market companies – more than half – do not even have an up-to-date cyber security plan and 30 percent have no plan at all, according to the National Center for the Middle Market.

It’s a clear dichotomy – business leaders are concerned about bottom-line impacts from such attacks, but many are not implementing plans to ensure it doesn’t happen.

“I think a lot of people delay taking care of it, or they feel like it won’t happen to them,” Moore said. “We really try to help our clients with their working capital needs, to help them speed up collecting receivables, manage their payables, and to increase their cash flow, which allows them to have more money to invest in things that are not revenue generators (like cyber security).”

From malware – especially ransomware like the recent WannaCry virus – and new forms of phishing to denial-of-service attacks, cybercriminals are becoming more sophisticated. Small- and medium-sized businesses must deal with potential theft of customer data, including credit card numbers and bank accounts.

MasterIT in Germantown has launched a program that simulates phishing and spear-phishing campaigns to help clients learn what to do if they are the victim of a cyber attack. (Daily News/Houston Cofield)

Health care and financial institutions are big targets, as well as retailers.

Primary Care Specialists on Walnut Grove Road was hacked and asked to pay a ransom, which they refused. The medical practice then contacted the Department of Health and Human Services and had to send out 22,000 letters to patients informing them of the situation.

“This is not just a corporate America problem, it’s literally the doctor’s office down the street,” said Michael Drake, chief executive officer of masterIT LLC in Germantown. “This affects everybody, and it’s an epidemic.”

Thirty percent of companies infected with ransomware pay the ransom, creating profitable odds for criminals.

“Just like everything else, it comes down to people, process and technology, and the weakest link is people believe it or not,” Drake said. “The biggest issues you see today are spear-phishing schemes where people will spoof a CEO or COO’s email and send an email to the treasury or finance saying to wire transfer an amount into a certain account. It looks really legitimate, but it’s not. That’s a social engineering problem, so we spend a lot of time training and educating our clients.”

MasterIT has launched a program that simulates phishing and spear-phishing campaigns to help clients learn what to do and what not to do.

“People are vastly unprepared,” Drake said. “Just like you would do maintenance to your home or business, you have to do maintenance on a regular basis to your network, whether that’s on-premise or in the cloud.”

Basic cyber security hygiene involves some very simple things, he said, such as having an adequate firewall in place, having up-to-date anti-malware software, strong passwords and being able to push the proper security updates, whether they be patching for servers on work stations or laptops, or firm-ware updates for firewalls.

“In the event that they are subject to a hack or an attack, some type of a virus that would have a ransomware along with it, then they can just wipe the machine and restore it from the recent backup,” Drake said. “There are tools that exist today that limit the infection just to that machine rather than infecting the entire network.”

Equally important is always maintaining secure and current backup copies of all data, stored onsite and in the cloud.

“We’ve definitely had an uptick in the amount of proactive work that we’re doing in and around securing networks,” said Patrick Tamburrino, president of Tamburrino Inc., an IT and desktop services company. “We’re spending more time hardening firewalls and things of that nature to prevent inbound attacks from even getting to customers.”

Tamburrino is seeing more attacks than in years past, and notes that ransomware is particularly dangerous because it attaches to data files and encrypts them until the ransom is paid. And unfortunately in many cases, even if the ransom is paid, the criminals still will not send the code needed to free up the files.

“These things spread through emails and users who are tricked with phishing schemes and social engineering, getting them to open up a link they think is from a trusted person, and that infects their computer,” Tamburrino said. “The thing that is going to be most valuable in all cases with any kind of virus, in my opinion, is education, because in general I agree the schemes are becoming more sophisticated.”