In today’s digital economy, every business is a target. With an estimated 43% of cyber-attacks aimed at small and medium businesses, which equates to 4 in 10 businesses, SMEs’ operations, brand reputations and revenue pipelines are all at risk.
The exponential advancement in AI, machine learning, applications and the accessibility of cryptocurrencies, have all contributed to this risk. It has opened a pandora’s box for even amateur hackers to access sensitive data and use it to hold businesses at ransom. The Internet of Things (IoT) has also become a proverbial carrot for these criminals to continue to refine their techniques and technologies.
Despite these very real threats, why are businesses, especially SMEs, constantly on the back foot with cybersecurity?
Be proactive instead of reactive
There is a common misconception that most hackers will spend hours researching large corporations to target and only consider ‘the big fish’, meaning that small businesses will somehow fly below the radar. Most hackers, however, have AI tools that scan for vulnerabilities and would rather target several undefended smaller businesses than put all their efforts into one big company that is likely to have higher levels of cybersecurity.
Many small businesses are also inundated with information about cybersecurity products. This means they are afraid of the cost implications if the wrong solution is chosen, or of being sold something that they don’t need. Consequently, software security is often lacking or software updates delayed, which often go hand in hand with cyber incidents.
This is why it’s essential to keep software updates up-to-date; they have evolved to be highly sophisticated and can solve security weaknesses, address known threats, fix computer bugs, and improve user experience.
Besides anti-virus software, there are a few other areas that businesses should look at to ensure that their systems are well protected. Some of the essential software that businesses should consider are encryption software, firewalls, password managers, login management, anti-spyware software, security and patch monitoring and network security.
Cybersecurity threats in disguise
Another form of hacking that target businesses is phishing. Phishing remains the preferred method of deception used by cybercriminals worldwide. It works by sending messages that look like they are from a credible and reputable source to access a business’s data.
Statistics show that around 38% of malicious attacks are disguised as a Microsoft file or similar. Very often, it is assumed that staff would recognise a threat but more often than not, training is completely lacking. Creating simple Safe Operating Procedures (SOP) and Including training when onboarding new staff can save a company from a future phishing incident.
Additional layers of physical security are always a good idea. All ASUS Expertbooks feature a built-in TPM (Trusted Platform Module) chip, which provides the necessary cryptographic technology to secure key hardware components.
When combined with Windows’ BitLocker encryption, not only is a laptop password-protected at the initial startup, but the hard drive is fully encrypted to protect sensitive data. It’s imperative that the entire drive – not just selected files or folders – is encrypted, and BitLocker makes that a simple process.
Another critical area is backing up company data. Not only does this practice assist to protect a business from attack, but ensures a back-up is in place should data be breached or held for ransomware.
This is why backing up data should form part of a business’s recovery plan together with encryption, secure disposal of data, monitoring endpoints and personal device use, cloud usage and data access control.
Protecting SA’s businesses
What many small businesses don’t consider is that the computer hardware a business purchases also play an important part in company security. To support South African businesses with the growing threat they face to have solid cybersecurity measures in place, ASUS laptops include a free one-year McAfee® LiveSafe service, giving businesses the ultimate antivirus, identity theft, and privacy protection in the workplace.
This award-winning antivirus software blocks viruses, malware, ransomware, spyware, and unwanted programmes while using the internet. Specifically, the McAfee® WebAdvisor included in the package provides proactive protection against threats. With the powerful Password Manager app, with multi-factor authentication, businesses don’t have to be concerned about risks surrounding password protection.
Putting barriers like these in place is critical for SMEs to ensure that they proactively protect their businesses and employees from cybersecurity threats and hacking incidents. Reacting after an incident has occurred can be costly, traumatic to staff, negatively affect products and delay business growth.
These measures are just as important as burglar bars, security alarms, and armed response – it’s a non-negotiable business investment.
//Staff writer