by Jessica Thiefels, VP of Community Management for PolySwarm. Learn what questions to ask when hiring an IT security consultant, including insight from Alvaka Networks CEO, Oli Thordarson.
If you can’t afford an in-house IT security team, you have to look outside to find the support you need. However, if you lack IT security skills or knowledge, it can be hard to determine who’s best fit for your business’s needs and who’s not.
We asked a range of cybersecurity professionals to share the most important questions for small businesses to ask potential IT security consultants. Keep them in mind as you consider your options….
Can we get Ransomware? If so, why or why not? If we do get ransomware, how will you get us recovered? -Oli Thordarson, CEO, Alvaka Networks
While the right answer is “Yes, we can get ransomware,” the answer you’re looking for explains “what tools and techniques they are using to protect your firm from ransomware,” suggests Thordarson. He explains that they should be telling you that they:
- Filter and scan all in-coming e-mail
- Use a content filtering service such as OpenDNS
- Employ link reputation checking techniques
- Block certain file types in e-mail attachments
- Educate your user community and safe and dangerous computer use practices
- And that they have a rock solid back-up and disaster recovery plan that they can both explain in great detail and demonstrate in operation.
For more on ransomware, read our blog “Average Ransomware Attack Infects 16 Workstations, 5 Servers and 22 Users,” – Midmarket firms are getting hit hardest by ransomware. Data from 2017 shows that 29% of the companies with 1,000 to 5,000 employees are getting struck by ransomware. If companies that size—who presumably have the resources to guard against this scourge—are getting hit, then avoidance does not bode well for smaller firms.