
Cybersecurity Consulting

Practical security for real businesses — without the enterprise complexity or the scare tactics.

The Threat Landscape for Small Businesses

Small businesses are not too small to be targeted by cybercriminals. In fact, they are frequently preferred targets precisely because they tend to have weaker defenses than large enterprises while still holding valuable data — customer records, financial information, employee data, and access to banking systems. Ransomware attacks on small businesses have increased dramatically in recent years, and the average cost of a ransomware incident — including downtime, recovery, and potential ransom payment — now exceeds $200,000. Business email compromise, where attackers impersonate executives or vendors to redirect payments, costs small businesses billions annually. These are not abstract risks; they are happening to businesses like yours all over the world. As of the time of this last blog update, there were 1.36 billion hack attempts in the US, 1.89 billion in India, and 2.4 billion in the UK. Things to keep in mind: these figures cover 24 hours, the amount changes daily and can rise or fall significantly, and this vendor accounts for only about 1% of global reporting. 1.36 billion hack attempts is only 1%! Let that sink in. These are often AI-automated, scripted, high-volume attacks, frequently by nation-state actors with deep budgets.

Figure: Top 3 attack targets in a single 24-hour window: UK 2.4B, India 1.89B, US 1.36B (source represents ~1% of global reporting).

What a Security Assessment Covers

Our cybersecurity assessments begin with a structured review of your current environment. We examine your network perimeter — firewall configuration, open ports, and remote access methods. We review endpoint security across all devices, including whether antivirus and endpoint detection tools are current and properly configured. We assess email security, including spam filtering, phishing protection, and whether your domain has proper SPF, DKIM, and DMARC records configured. We review user account management, including password policies, multi-factor authentication adoption, and whether former employees still have active accounts. We check for desktop remote access programs not authorized by the employer and we assess backup and recovery capabilities. The report is a prioritized list of findings with specific remediation recommendations.

Firewall Configuration

A firewall is the first line of defense for any network, but a misconfigured firewall can provide a false sense of security while leaving significant gaps. We configure and maintain firewalls for small business networks, including Cisco, SonicWall, and WatchGuard equipment. Proper firewall configuration includes blocking unnecessary inbound traffic, filtering out geographic locations from which you do not need IP traffic, occasionally restricting outbound traffic to known-good destinations or blocking certain website classifications, logging traffic for review, and configuring intrusion detection rules. We also configure VPNs for users, guest network isolation, and application-layer filtering where appropriate.

Multi-Factor Authentication

Multi-factor authentication (MFA) is the single most effective control for preventing unauthorized account access. When MFA is enabled, an attacker who obtains your password still cannot access your account without the second factor — typically a code from an authenticator app, or a hardware token. We implement MFA across email, VPN, remote desktop, and any other system that supports it. We also help businesses evaluate and deploy hardware security keys for high-value accounts where even authenticator apps may not provide sufficient protection.

Things to Watch Out For

The cybersecurity industry has a significant scare-tactics problem. Some providers exaggerate threats to sell expensive managed security services that small businesses do not need. A realistic security posture for a small business does not require a security operations center or a $5,000 per month managed service contract. It requires a properly configured firewall, a current, high-quality antivirus, MFA on all accounts, a tested backup, and a trained team. We help you achieve that posture at a cost that makes sense for your business. Be wary of any provider who leads with fear rather than with a specific assessment of your actual risk.

Employee Training

The most sophisticated technical controls in the world are bypassed by a single employee who clicks a phishing link or responds to a fraudulent wire transfer request. Human error is the root cause of the majority of successful cyberattacks. We provide practical security awareness training that focuses on the specific threats most likely to affect your business: phishing recognition, business email compromise, safe password practices, and what to do when something looks suspicious. We keep training short, specific, and memorable rather than relying on lengthy compliance modules that employees forget immediately.

Incident Response

If you suspect a security incident — a ransomware infection, a compromised account, an unauthorized wire transfer — the first thirty minutes matter enormously. Disconnecting affected systems from the network, preserving evidence, and notifying the right parties can significantly limit the damage. We provide incident response support for our clients, including initial containment, forensic review to understand what happened and what was accessed, remediation, and guidance on notification obligations. We also help businesses develop incident response plans before an incident occurs, so that the response is coordinated rather than panicked. We offer WISP compliance docs, testing and training for accountants. At Metro North, we take the Bite out of IT.

Ready to get started?

Contact us today for a free consultation. No contracts, no commitments.
