A small business owner working with their IT partner to prepare a CIRCIA‑ready cyber incident response plan.
Many small and midsize business owners assume CIRCIA is aimed only at Fortune 500 companies, but that is a risky assumption. Small and mid‑market organizations can be “covered entities” if they provide critical services or support critical infrastructure, and even those outside scope will feel the ripple effects through clients, insurers, and vendors.
CIRCIA in a Nutshell
CIRCIA (Cyber Incident Reporting for Critical Infrastructure Act) requires covered entities to report substantial cyber incidents to CISA within 72 hours.
Ransomware payments must be reported within 24 hours.
Coverage is based on critical infrastructure role, not just size; small entities can be included if their disruption would impact national or regional security, economy, or public health.
Even if you are not covered, your larger customers and partners may require you to meet CIRCIA-like standards to stay in their supply chain.
Concrete Steps for Owners and IT Teams
Owner-level actions:
Determine your exposure: Identify whether you operate in or support critical infrastructure sectors (healthcare, energy, transportation, government services, etc.).
Review contracts and insurance: Look for new clauses about cyber incident reporting, cooperation, and timelines.
Fund the basics: Approve budget for security monitoring, backups, and an incident response plan; these are now business necessities, not IT “nice‑to‑haves.”
IT / MSP actions:
Perform a security and asset inventory: Know what you have, where it is, and how it is protected.
Implement monitoring and logging: Centralized logs and alerts are essential to detect and investigate incidents fast enough for 72‑hour reporting.
Develop and test an incident response plan: Include decision trees for when to treat an incident as “substantial,” who to notify, and how to collect evidence.
Prepare for CISA reporting, even if “not covered”: Templates and processes for structured incident documentation will help with insurers, regulators, and major customers.
Questions Your Customers May Ask – Answer Set
“Are you compliant with CIRCIA?”
We have implemented incident detection, response, and reporting processes aligned with CIRCIA expectations, and we support our critical-infrastructure customers with the evidence they need.
“If a cyber incident hits you, how will it affect us?”
We maintain backups, response playbooks, and communication plans aimed at minimizing downtime and providing transparent updates.
“Will you tell us quickly if our data is involved?”
Yes. Our procedures require rapid notification to affected customers and support for any regulatory or contractual reporting they must perform.
How Farmhouse Networking Helps SMBs Turn CIRCIA into an Advantage
Farmhouse Networking helps small and midsize businesses use CIRCIA as a catalyst to get modern, business-grade cybersecurity in place:
Determining whether your business or key customers are likely covered entities and what that means for your contracts and obligations.
Implementing security controls—MFA, EDR, monitoring, backups, segmentation—that both reduce incident likelihood and support fast, evidence-based reporting.
Building, documenting, and testing an incident response and communication plan tuned to 72‑ and 24‑hour windows.
Acting as your ongoing IT and security partner so you can answer customer and regulator questions with confidence.
Call to action: Email support@farmhousenetworking.com to find out how Farmhouse Networking can help your small business prepare for CIRCIA and improve your overall cybersecurity resilience.
Penetration testing identifies risks before hackers exploit them
Small and midsize businesses (SMBs) face the same cyber risks as big enterprises—sometimes more. One breach can threaten your business. Penetration testing is proactive protection that keeps you ahead of cybercriminals and in step with regulations.
Practical Action Steps:
Conduct a cybersecurity review of your business systems.
Schedule monthly or at least semi-annual penetration testing to find and fix weaknesses.
Educate employees on safe online behavior.
Maintain records to meet regulatory requirements such as PCI DSS or state privacy laws.
Common Client Q&A: Q: Isn’t our firewall enough? A: No; penetration testing simulates real attacks to discover deeper vulnerabilities.
Q: Are tests only for big companies? A: No; many regulations require SMBs to perform regular risk assessments and penetration testing.
How Farmhouse Networking Helps: We tailor penetration testing to your industry and provide step-by-step guidance—so your business stays protected and compliant.
Take control of your cybersecurity. Email Farmhouse Networking for more information on securing your business.
Strategies securing small business inboxes from phishing and BEC gateway attacks
Email is the backbone of communication for small and medium-sized businesses (SMBs). You use it for everything from sending invoices to internal memos, making your business heavily reliant on this tool. However, this reliance also makes you vulnerable to cyber threats, especially Business Email Compromise (BEC) attacks, which are increasingly targeting SMBs. These attacks can have devastating consequences, but with the right email security measures, you can protect your business from falling victim.
Understanding the Threat: Phishing and BEC
Phishing is a cybercrime that uses deceptive emails to trick individuals into revealing sensitive information or taking harmful actions. These emails often look like they come from legitimate sources, such as banks or well-known companies, but they are actually designed to steal your data.
Business Email Compromise (BEC) is a sophisticated type of phishing attack where cybercriminals impersonate trusted individuals within a company to trick employees into transferring money, sharing sensitive data, or granting access to critical systems. BEC scams often target individuals in finance, human resources, or operations, with the goal of initiating fraudulent transactions or stealing confidential information. According to the FBI, there are five primary types of BEC attacks.
BEC attacks are particularly effective because they exploit human psychology. Attackers rely on impersonating authority figures, creating a sense of urgency, or crafting highly convincing emails to make employees act without questioning.
Email is the number one attack vector, responsible for 90% of phishing incidents. In 2023, BEC attacks led to $3 billion in losses.
Why SMBs are Prime Targets
While large corporations invest heavily in cybersecurity, SMBs are often more vulnerable. Cybercriminals view smaller businesses as easier targets due to their typically less robust security measures and lower awareness of emerging threats.
Here’s why SMBs are at greater risk:
Limited Cybersecurity Resources: Many SMBs have limited budgets for cybersecurity and often lack dedicated IT teams to monitor email systems for suspicious activity.
Employee Vulnerability: Employees in SMBs may not be as well-trained in spotting phishing attempts or recognizing the signs of a BEC scam.
Lack of Email Security Awareness: Small businesses may overlook the importance of securing business email accounts with multi-factor authentication (MFA) and other safeguards, leaving them exposed to attacks.
Simple Steps to Bolster Your Email Security
Employee Training: Regularly train employees to recognize and respond to threats. Run security awareness training to help your team spot phishing attempts and other common threats. Use simulated phishing exercises to test their readiness, uncover weak spots, and highlight potential weaknesses.
Multi-Factor Authentication (MFA): Add an extra layer of security to your email accounts with multi-factor authentication (MFA).
Advanced Email Filters: Use advanced spam filters to detect and block phishing emails before they reach your employees’ inboxes. Scan links automatically to spot anything suspicious.
Email Encryption: Encrypt emails, both in transit and at rest, to prevent unauthorized access.
Regular Security Audits: Schedule regular audits to spot vulnerabilities and keep an eye out for unauthorized access. Take time to review your email system’s settings, permissions, and logs for anything unusual.
Incident Response Plan: Prepare for email threats with a clear, actionable response plan. Outline the steps to contain, investigate, and recover from incidents, so your team knows exactly what to do
Cybercrime is a business, not a hobby, and incredibly lucrative. Taking a proactive approach to email security is essential for protecting sensitive information, preventing data breaches, and maintaining trust with your team and clients.
Is your business protected? Contact Farmhouse Networking today for a comprehensive email security solution tailored to your SMB’s unique needs. Don’t let your inbox be a gateway for cybercrime!
For those that missed us this week, our CEO Scott Carr was one of the guest speaking panel and the event pictured above. During our discussion, the question was asked – “What is the one thing business owners can do to protect themselves from ransomware?” Scott’s answer was – “If you do nothing else, at the very least have a backup of your data. If anything goes wrong you will be able to go back to your previous data and skip paying the ransom.”
Why Backup?
Ransomware attacks have become an increasingly prevalent threat to businesses of all sizes. As cybercriminals continue to evolve their tactics, it’s crucial for organizations to implement robust defense strategies. One of the most effective ways to protect your business from the devastating effects of ransomware is through a comprehensive backup strategy.
The Rising Threat of Ransomware
Ransomware attacks have surged dramatically in recent years, with 2024 seeing unprecedented levels of both frequency and sophistication. In the first half of 2024 alone, the average extortion demand per ransomware attack exceeded $5.2 million, with a record-breaking payment of $75 million in March. These staggering figures underscore the critical need for businesses to fortify their defenses against such attacks.
The Role of Backups in Ransomware Protection
Data backups serve as a crucial line of defense against ransomware threats. They provide a safety net that can help your company prevent irreparable damage in the event of an attack. Here’s why backups are so important:
Added Data Security: By maintaining backups of your critical data, you remove one of the primary vectors for ransomware attacks. If you can still access your data from a backup, hackers lose their leverage in demanding a ransom
Recovery Options: Reliable and well-tested backups give ransomware victims more options. Without backups, organizations have limited choices for recovery. However, with confidence in their ability to restore from backups, businesses can make more nuanced decisions during ransomware recovery and negotiations.
Best Practices for Ransomware-Resilient Backups
To ensure your backups provide effective protection against ransomware, consider implementing these best practices:
Implement the 3-2-1 Backup Strategy: This strategy involves maintaining at least three copies of your data on two different storage types, with one copy kept offsite. This approach significantly reduces the risk of losing all your data in a single attack
Use Immutable Storage: Immutable backups cannot be modified, altered, or deleted for a specified period. This ensures that your backup data remains intact and tamper-proof, protecting against both accidental and malicious changes
Maintain Offline Backups: Keep a secondary offline backup copy that ransomware cannot reach. Network attached storage devices can be an effective method for this purpose.
Increase Backup Frequency: Consider backing up mission-critical data at least once per hour. This reduces the amount of data that could potentially be lost in a ransomware attack.
Employ Endpoint Protection: Use modern endpoint protection platforms that can detect ransomware processes as they begin, even if the type of ransomware is new and unknown.
The Business Impact of Ransomware
The consequences of a ransomware attack extend far beyond the immediate financial loss. Businesses may experience:
Extensive downtime, leading to significant revenue loss
Damaged reputation among customers and partners
Delayed project timelines
Potential loss of sensitive customer data
These impacts underscore the importance of a robust backup strategy as part of your overall cybersecurity plan.
Don’t wait until it’s too late to protect your business from the devastating effects of ransomware. Contact Farmhouse Networking today to develop a comprehensive backup and cybersecurity strategy tailored to your organization’s needs. Our expert team can help you implement robust protection measures, ensuring your business remains resilient in the face of evolving cyber threats. Secure your data, protect your reputation, and safeguard your bottom line—reach out to Farmhouse Networking now.
How an integrated advanced threat protection solution helps business owners monitor and block cyber threats in real time
Cyberattacks are no longer “someone else’s problem.” From ransomware to phishing‑laden emails and zero‑day exploits, modern threats are designed to bypass traditional antivirus and basic firewalls. As a business owner, your core concern is simple: keep data safe, keep operations running, and protect your reputation. An integrated advanced threat protection (ATP) solution is exactly the kind of security framework that turns reactive panic into proactive control.
What Is Advanced Threat Protection?
Advanced threat protection (ATP) is a unified cybersecurity strategy that combines multiple technologies—such as AI‑driven analytics, behavioral monitoring, sandboxes, next‑generation firewalls, and endpoint detection—into a single, coordinated system. Instead of relying on isolated tools, ATP monitors your entire digital ecosystem (email, web, cloud, endpoints, and network) and blocks sophisticated threats before they can disrupt your business.
For a business owner, this means fewer surprises, faster incident response, and less downtime when—if—something does slip through.
What Your Business Needs to Do
An effective ATP rollout isn’t just an IT project; it’s a strategic decision you steer. Here are practical action steps you and your IT team should take:
1. Map Your Risk and Critical Assets
Identify which data, systems, and third‑party services are most critical (client records, accounting, PHI if in healthcare, donor data if nonprofit).
Document access controls and where third‑party vendors touch your network.
2. Upgrade Core Security Infrastructure
Replace legacy firewalls and antivirus with next‑generation firewalls and advanced endpoint protection that use behavioral analysis and AI.
Enable email‑layer ATP to filter phishing, malicious links, and infected attachments before they reach inboxes.
3. Implement Visibility and Centralized Monitoring
Deploy tools that give real‑time visibility across endpoints, network traffic, and cloud services (SIEM‑style logging or managed EDR).
Use a centralized management console so your IT team can view threats, alerts, and responses from one place.
4. Harden Access and Policies
Roll out multi‑factor authentication (MFA) for email, cloud apps, and any system with sensitive data.
Enforce strong password policies, device‑management rules, and safe‑browsing guidelines for staff.
5. Train Employees and Build an Incident Playbook
Run regular, short cybersecurity training focused on spotting phishing, avoiding risky downloads, and reporting suspicious activity.
Draft a simple incident‑response plan that includes isolation steps, communication protocols, and points of contact.
Common Questions Business Owners Ask
Q: If we already have a firewall and antivirus, isn’t that enough? Traditional tools are designed for known, signature‑based threats. Modern attackers use zero‑day exploits, fileless malware, and spear‑phishing that slip past these defenses. ATP adds behavioral analysis, sandboxing, and AI‑driven threat‑hunting that traditional tools simply can’t match.
Q: Won’t ATP slow down our systems and network? Most modern ATP platforms are engineered for performance and often run in the cloud or as lightweight agents. When configured correctly, users rarely notice slowdowns, while the security gains are very visible.
Q: Can small or mid‑sized businesses afford ATP? Yes. Many ATP solutions are tiered by company size, and managed ATP services allow you to outsource the heavy lifting rather than hiring a full‑time security team.
Q: How much effort does ATP require to maintain? Once deployed, ATP is largely automated. Your IT team (or your managed‑security partner) still need to monitor alerts, tune policies, and respond to incidents—but the platform does the heavy lifting of detection and many remediation steps.
How Farmhouse Networking Can Help
Farmhouse Networking helps businesses like yours bridge the gap between “we’re doing our best” and “we’re actually secure.” Our services focus on:
Assessment and planning: We audit your current setup, identify your biggest exposure points, and design an ATP‑ready roadmap tailored to your industry (accounting, healthcare, or nonprofit).
Deployment and integration: We help you deploy or upgrade to next‑generation firewalls, endpoint protection, and email‑layer ATP, ensuring all pieces work together seamlessly.
Managed monitoring and response: If you lack in‑house expertise, we can provide ongoing monitoring, alert triage, and coordinated incident response so threats are contained quickly.
Training and policy support: We assist with policy templates and staff training so your team becomes part of your defense, not the weakest link.
You don’t need to become a cybersecurity expert overnight. You just need a partner who can translate ATP into clear, manageable steps that protect your business without over‑complicating your day‑to‑day operations.
Take the Next Step
If you’re ready to treat cybersecurity as a strategic investment instead of an afterthought, now is the time to explore an integrated advanced threat protection solution. Farmhouse Networking can help you design, deploy, and manage ATP tailored to your specific risks and budget.
For more information, email us at support@farmhousenetworking.com and we’ll schedule a call to walk through your current setup, your biggest concerns, and the practical steps you can take next.
Visualizing SMB cybersecurity risks from 2020: Protect your small business from ransomware and breaches today.
You faced unprecedented cybersecurity threats amid the COVID-19 shift to remote work, with MSMEs targeted in over 40% of attacks and average losses exceeding $188,000 per incident. Cybercriminals exploited rushed digital transitions, making your operations a prime target. This post breaks down the 2020 landscape and arms you with actionable steps to safeguard your future.
Key Threats in 2020
Small and mid-size businesses (SMBs) saw ransomware hit one in five firms, phishing emails surge to three-year highs, and remote work vulnerabilities expose networks outside firewalls. Hiscox’s 2018-2020 reports showed 73% of SMBs as “novice” in preparedness, with IBM noting average breach costs at $320,000—devastating for limited budgets. Supply chain attacks via weaker SMB links amplified risks during lockdowns.
Practical Action Steps
Implement these prioritized steps with your IT team to build resilience:
Update and Patch Immediately: Scan all software weekly; apply updates to close vulnerabilities exploited in 43% of breaches.
Enforce Multi-Factor Authentication (MFA): Require MFA on all accounts, reducing unauthorized access by 99%—start with email and VPNs.
Secure Remote Access: Use VPNs for all remote connections; segment networks to limit breach spread, critical as work-from-home spiked risks.
Train Employees Monthly: Conduct phishing simulations; 2020 data showed small firms received higher malicious email rates.
Backup Data Regularly: Maintain offline backups tested quarterly; this contained ransomware damage for prepared SMBs.
Adopt Basic Tools: Deploy firewalls, antivirus, and endpoint detection—affordable for SMBs lacking full IT staff.
Track progress with a simple checklist, assigning owners and deadlines.
FAQ: Client Inquiries Answered
Q: Why were SMBs hit hardest in 2020? A: Limited resources left many without robust defenses; attackers viewed SMBs as easy entry to bigger supply chains.
Q: How much does a breach really cost my business? A: Beyond $188,000-$320,000 direct losses, add downtime, legal fees, and reputation damage—often forcing closures.
Q: Do I need expensive enterprise solutions? A: No—start with free tools like MFA and patches; scale to managed services for comprehensive coverage.
Q: What about compliance for my industry? A: Accounting/healthcare/charity sectors faced heightened scrutiny; align with NIST basics or HIPAA equivalents via policy reviews.
Q: How do I measure if we’re secure? A: Run annual self-assessments like ICC’s questionnaire; aim to exit “novice” status.
How Farmhouse Networking Helps
Farmhouse Networking specializes in tailored security for accounting, healthcare, and charity SMBs, driving organic traffic and B2B leads through secure, SEO-optimized sites. We handle implementation: deploying MFA/VPNs, running trainings, and monitoring 24/7 via managed services—reducing your breach risk without in-house IT overhead. Our strategies include vulnerability scans, compliance audits, and custom backups, proven to cut attack surfaces. Past clients saw 40% faster threat response, boosting client trust and conversions.
Call to Action
Ready to fortify your business against 2020-style threats? Email support@farmhousenetworking.com today for a free security assessment and custom plan.
Key cybersecurity stats reveal 70% ransomware targets SMEs—protect your business with proven action steps
Cyber threats target businesses like yours daily, with small and medium-sized enterprises (SMEs) facing disproportionate risks that can cripple operations or force closure. These 15 key stats reveal the stakes—armed with them, you can prioritize defenses to safeguard revenue, data, and reputation.
Critical Stats Overview
Data shows SMEs bear the brunt of attacks, often lacking resources for robust defenses.
70% of ransomware targets businesses with fewer than 500 employees.
60% of SMEs shutter within six months of a breach.
Global breach cost averages $4.88 million, up 10% yearly.
Small businesses suffer $2.4 billion annually from cybercrime.
61% of SMEs faced a breach last year; malware and phishing top causes (18% and 17%).
Attacks per organization rose 25%, from 3 to 4 yearly.
35% of attacks are ransomware, up 84% year-over-year.
75% of SMB owners rank cyberattacks as their top threat.
SMEs are 3x more targeted than large firms.
Supply chain attacks hit 183,000 customers in 2024, up 33%.
72% of owners worry about remote work risks.
Cybercrime costs could hit $10.5 trillion by 2025.
Only 25% of small firms have cyber insurance vs. 75% of large ones.
Encrypted threats surged 92% in 2024.
71% of organizations saw more attacks last year.
These numbers underscore urgency: inaction risks your business’s survival.
Practical Action Steps
Business owners and IT teams must act now with these targeted steps.
Conduct a Risk Audit: Inventory assets, map data flows, and scan for vulnerabilities using tools like Nessus—complete quarterly.
Enforce MFA Everywhere: Roll out multi-factor authentication on email, cloud apps, and VPNs to block 99% of account hacks.
Train Staff Annually: Run phishing simulations and awareness sessions; 90% of breaches start with human error.
Patch Systems Promptly: Automate updates—half of CVEs are high/critical severity.
Backup Data 3-2-1: Maintain 3 copies, 2 media types, 1 offsite; test restores monthly against ransomware.
Secure Remote Access: Deploy VPNs and zero-trust models for hybrid work.
Monitor with AI Tools: Use endpoint detection for real-time threat hunting.
Vet Vendors: Require SOC 2 reports; 60% will prioritize cyber risks in deals.
IT departments: Assign owners to each step, track via dashboard. Expect 30-60 days for initial rollout.
FAQ: Client Inquiries Answered
Q: How much does a breach really cost my small business? A: Beyond $4.88M averages, SMEs lose 1.3% market value post-attack, plus downtime and recovery—often $100K+ for modest incidents.
Q: Are we too small to be targeted? A: No—70% of attackers hit SMEs deliberately; you’re easier prey without big budgets.
Q: What’s the biggest threat right now? A: Ransomware (35% of attacks) and phishing; encrypt threats rose 92%.
Q: Do we need cyber insurance? A: Yes—only 25% of small firms have it, but it covers gaps in fines, legal fees.
Q: How do remote workers increase risk? A: 72% of owners cite hybrid setups; unsecured home networks invite breaches.
Q: Can AI help defend us? A: Yes—AI users save $2.22M yearly on breaches via automation.
How Farmhouse Networking Helps
Farmhouse Networking specializes in B2B cybersecurity for accounting, healthcare, and charity sectors, driving organic traffic via SEO-optimized content while converting visitors to clients. We handle your action steps: full risk audits, MFA deployments, staff training, AI monitoring, and vendor assessments—tailored to comply with HIPAA, SOC 2, or nonprofit regs. Our managed services cut breach risks by 50%+, with 24/7 SOC support and branded dashboards for owners. Past clients saw 40% traffic growth from our blogs, plus qualified leads.
Call to Action
Email support@farmhousenetworking.com today for a free cybersecurity audit and custom strategy to protect your business. Act now—before stats become your reality.
A small business owner leveraging modern cybersecurity tools—firewalls, multi‑factor authentication, and backups—to protect their company’s network and sensitive client data from cyber threats.
You may think cyberattacks are a “big‑company problem.” In 2026, that assumption is one of the most dangerous blind spots you can have. Cybercriminals increasingly target SMBs precisely because budgets are tighter, security is lighter, and breaches in small environments can be just as costly as in large enterprises. The question is no longer if a threat will hit your business, but when—and whether your people, data, and reputation are ready.
For a business‑owner audience, this post breaks down what “good cybersecurity” actually looks like in practice, gives you concrete steps your team can take, answers common client‑facing concerns, and shows how Farmhouse Networking can help you implement and maintain these protections without overhauling your operations.
Why SMBs Are Prime Targets
Cybercriminals are opportunistic: they look for the path of least resistance. SMBs often have limited IT staff, minimal security budgets, and patchy policies around email, passwords, and backups. That combination makes them ideal targets for ransomware, phishing, and data‑theft campaigns that can cripple operations and destroy customer trust in a matter of hours.
Regulatory scrutiny is also tightening. Even if you’re not a multinational, you may still face fines or contractual penalties if client or partner data is lost in a breach. Investing in cybersecurity is no longer “optional overhead”—it’s a core cost of doing business in 2026.
Practical Cybersecurity Steps for Business Owners
You don’t need a Fortune‑500‑level security team, but you do need structure. Here are the key areas every small or mid‑size business should address, along with specific actions your owner and IT team can immediately act on.
1. Lock Down Access with Strong Authentication
Require multi‑factor authentication (MFA) for all accounts that hold customer data, email, banking, or cloud services.
Prefer authenticator apps or hardware keys over SMS‑based codes to reduce phishing and SIM‑swapping risk.
Enforce strong password policies and provide a company‑approved password manager so teams don’t reuse passwords across personal and business services.
2. Patch Systems and Secure Endpoints
Turn on automatic updates for operating systems, browsers, and core business software (accounting, CRM, practice management).
Deploy next‑generation antivirus or EDR tools that monitor unusual behavior, not just known malware signatures.
Ensure every device that touches business data has disk encryption, screen‑lock timing, and basic firewall rules enabled.
3. Protect Networks and Wi‑Fi
Use business‑grade firewalls with default‑deny rules and logging, and avoid exposing unnecessary ports to the internet.
Configure Wi‑Fi networks with WPA3 encryption (or WPA2‑Enterprise), and keep guest Wi‑Fi on a separate, isolated segment.
Segment your network so that high‑value systems (financial and HR data, servers) sit on a separate, more tightly controlled segment.
4. Back Up Data and Plan for Incidents
Define what data is critical (client records, financials, contracts) and back it up regularly to an encrypted, cloud‑ or off‑site‑based solution.
Store multiple recovery points and test restorations periodically to ensure backups actually work.
Put a simple incident response plan in place: who gets notified, who talks to clients, and how you’ll isolate affected systems during a breach.
5. Train Your Team and Manage Email Risk
Conduct regular, short security training focused on phishing, password hygiene, and safe handling of sensitive data.
Deploy an email security gateway that scans attachments, rewrites malicious URLs, and quarantines suspicious messages before they reach inboxes.
Establish clear rules for sharing sensitive data via email (e.g., no client SSNs or insurance numbers in plain text) and enforce them.
Common Client Questions (and How to Answer Them)
When you talk to clients about cybersecurity, they’ll naturally ask around cost, risk, and responsibility. Framing these clearly builds trust and positions your business as a professional partner, not just a vendor.
“Won’t this slow down our operations?”
Answer: Modern security tools are designed to run quietly in the background. Properly configured firewalls, MFA, and endpoint protection add minimal friction while stopping the vast majority of automated attacks. Think of it like seat belts and airbags: you don’t feel them every day, but they’re critical when something goes wrong.
“We’re a small business; do we really need this much protection?”
Answer: Cybercriminals are increasingly using AI‑driven tools to probe and exploit small businesses precisely because defenses are weaker. A single breach can mean downtime, legal fees, and reputational damage that can take years to recover from. Basic, layered security is now table stakes for reputable SMBs.
“How do you know if our network is secure enough?”
Answer: There’s no “perfectly secure” state, but there are measurable baselines:
Are critical systems encrypted and backed up?
Is MFA enforced on all key accounts?
Are software and firmware updated regularly?
Are there clear policies and training for staff? A third‑party security audit or network assessment can map these gaps and prioritize where to invest next.
How Farmhouse Networking Can Help
Farmhouse Networking is built to help small and mid‑size businesses implement, manage, and maintain these cybersecurity measures without the overhead of a full‑time, in‑house security team. We focus on practical, cost‑effective solutions that fit your budget and workflow.
Here’s how we support your cybersecurity efforts:
Network and firewall configuration: We design and harden your network so that only necessary services are exposed, and sensitive systems are segmented and monitored.
Endpoint protection and patch management: We deploy and manage modern antivirus/EDR tools, ensure automatic updates, and enforce device‑level security policies across laptops, desktops, and mobile devices.
MFA, password policy, and access controls: We help you implement MFA everywhere it matters and set up role‑based access so employees only see the data they need.
Backup and incident readiness: We design a backup strategy tailored to your business‑critical data and help you define a simple incident response playbook so you know what to do if something goes wrong.
Ongoing monitoring and training support: We can monitor key security events and provide guidance on regular, brief security training sessions so your team stays alert without disrupting daily operations.
Take the Next Step Today
If you’re a small or mid‑size business owner, now is the time to treat cybersecurity as a core business function, not an afterthought. Simple, layered defenses—strong authentication, regular patching, secure networks, and reliable backups—can dramatically reduce your risk and keep your operations running even when threats emerge.
If you’d like to see how Farmhouse Networking can help you implement these steps with minimal disruption to your team, email us atsupport@farmhousenetworking.comfor a consultation. We’ll review your current setup, identify your top risks, and build a tailored plan that keeps your data, customers, and reputation safe in 2026 and beyond.
Ransomware attacks continue to spread around the world this weekend, after the initial damage inflicted on healthcare organizations in Europe on Friday.
The criminals responsible for exploiting the Eternal Blue flaw haven’t yet been identified, but up to 100 countries have hit with WannaCry ransomware, with Russia, Ukraine and Taiwan among the top targets.
The ransomware first appeared in March, and is using the NSA 0-day Eternal Blue and Double Pulsar exploits first made available earlier this year by a group called the Shadow Brokers. The initial spread of the malware was through email, including fake invoices, job offers and other lures with a .zip file that initiates the WannaCry infection. The worm-like Eternal Blue can exploit a flaw in the Server Message Block (SMB) in Microsoft Windows, which can allow remote code execution. This flaw was patched in Microsoft’s March 2017 update cycle, but many organizations had not run the patch or were using unsupported legacy technology like XP.
What’s New
Today, Microsoft has released emergency security patches to defend against the malware for unsupported versions of Windows, including XP and Server 2003.
Overnight and today, it has become clear that a kill switch was included in the code. When it detects a specific web domain exists—created earlier today—it halts the spread of malware. You can learn more at The Register.
As a Webroot customer, are you protected? YES.
Webroot SecureAnywhere does currently protect you from WannaCry ransomware.
In simple terms, although this ransomware is currently causing havoc across the globe, the ransomware itself is similar to what we have seen before. It’s the advanced delivery mechanism that has unfortunately caught many organizations off guard.
In addition to deploying Webroot SecureAnywhere as part of a strong endpoint control strategy, it is essential you continue to keep your systems up-to-date on the latest software versions and invest in user education on the dangers of phishing, ransomware, social engineering and other common attack vectors.
If you have any questions about your Webroot deployment, reach out to our Support Team now.
Recently had a client get infected by the Zepto variant of crypto malware without even knowing it. The call originated when they could not find some of the shortcuts they were used to seeing on the desktop. I began to search for the shortcuts and found some files with the .ZEPTO extension on them. A quick Google search found that this was indeed an infection of crypto malware but something was different about this one – there was no ransom note or instructions on where to send the money for the decryption key. After investigating the problem it seems that the user got an image file that they could not open and forgot about. They noticed some slow down of the computer the day that these files indicated that they were created but nothing else presented itself that day, so they dismissed it.
So here is breakdown of what actually happened. They were protected by Norton Antivirus and when the infection began to spread across the network (only a couple files were affected there) it removed the infection and left the damage done by Zepto encryption of some of the files in place with no notice to the user about what was done. The customer had a partial backup from a poorly designed backup scheme that was able to recover some of the files, which left them in a state of not knowing what was missing from their local file directories. Needless to say that I will be recommending a different antivirus and backup / recovery plan for them going forward.
If your company is not sure about whether your antivirus software is capable of handling this type of situation properly or are not sure about the status of your backup / recovery procedures, then contact us for assistance.
And God will generously provide all you need. Then you will always have everything you need and plenty left over to share with others. As the Scriptures say,
“They share freely and give generously to the poor. Their good deeds will be remembered forever.”
For God is the one who provides seed for the farmer and then bread to eat. In the same way, he will provide and increase your resources and then produce a great harvest of generosity in you. - 2 Corinthians 9:8-10
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
