Craig McDonald 09 April 2018 15:42:08 AEST 9 MIN READ

Ensuring your cash flow security


"Cybersecurity needs to be taken seriously… Cybercriminals are becoming more sophisticated and small businesses are particularly vulnerable. Many small businesses have successfully blended their physical and virtual shopfronts to establish sustainable operating models... Cybercriminals now are attacking small businesses very regularly. They know the big guys have really cool systems and they know the little guys haven't.”


That’s a quote from the Australian Small Business Ombudsman, Kate Carnell, speaking at last year’s ASIAL Security Conference.

While the CEOs of big corporations are starting to pour money into strengthening cybersecurity, there still seems to be a persistent misconception amongst smaller business owners that cybersecurity doesn’t affect SMBs (Small to Medium Businesses).

The reality is that you don’t have to be a big company to be targeted by cybercrime. As Ombudsman Kate Carnell noted in her speech to ASIAL, cybercriminals perceive smaller companies to be soft targets and unfortunately, in many cases this is true.

If your SMB doesn’t have serious cybersecurity measures in place yet, think about these stats from Ombudsman Carnell’s office:

  • cybercrime attacks have increased by 300% since 2015
  • 43% of cybercrime targets smaller businesses
  • 22% of small businesses hit by cyber-attacks are so badly affected they cannot continue operating
  • 60% of small businesses that experience a significant cyber breach go out of business within the following six months

 

 

It’s a major focus of mine to increase cybersecurity awareness among owners of SMBs.

There are some effective and inexpensive cybersecurity measures that every company can use to strengthen their defences and with cybercrime growing at a virtually exponential rate, these precautions might very well end up saving your business from an extremely costly cybercrime attack.

 

Backup


The damage caused by cybercrime can run into the millions of dollars and bring companies to a complete standstill. In many cases, cyber-attacks can result in massive damage to a company’s computer systems and data-storage as well.

It might seem obvious that backing up data is an important insurance against cyber-attack but surveys have shown that this often isn’t happening. Even companies that have backup systems in place often fail to maintain them properly and discover when they want to retrieve information that their records are out of date or incomplete.

Effective backups need to be set up to withstand theft, hacking, natural disaster and fire, and the restoration system should be tested regularly.

Ideally, backups should be stored in more than one location. It’s great to have a cloud-based backup, but off-site physical storage is also a good idea.

 

 

Devices and phones


It’s increasingly common for people to use their personal devices like laptops and phones for work; this practice is known as Bring Your Own Device (BYOD).

Portable devices are really convenient and useful tools but they come with some specific security issues.  

Laptops and phones are vulnerable to theft, and if they are used on public or unsecured WiFi networks they can be hacked relatively easily too.

To keep portable devices secure, follow these guidelines:

  • Always use password and/or PIN protection on devices and update passwords regularly
  • Enable remote management software on devices so that sensitive data can be wiped if they are lost or stolen.
  • Keep device software - especially operating systems - up to date.
  • Use VPN security software whenever devices are logged into public WiFi networks.
  • Strictly control the use of portable media such as thumb drives; they are a common vector for virus infection.

 

Software protection


There are security software products available to suit every business. Even if your company’s computers have pre-installed antivirus software, you should still use extra layers of protection for your systems and devices. For maximum protection use a combination of:

  • endpoint antivirus software
  • firewall protection
  • cloud-based threat protection filtering

> Learn more about cybersecurity strategy in this article: Cybersecurity: a Multi-Layered Strategy is Required

 

Educate your team


meeting-againA well-educated team is one of the most powerful security assets a company can have. The best security software in the world won’t be fully effective if employees don’t understand how to recognise and avoid the most common threats.

Cybercriminals target companies through their employees because compared to machines, humans are easy targets. By educating its staff in basic cybersecurity awareness, a company can make a big improvement to their risk prevention. Every person in a company doesn’t have to be an IT expert, but everyone should have a basic understanding of the common cyber-threats like malicious email that they are likely to encounter on a daily basis.

> For more information about cybersecurity education, read this article: Educating teams is a cybersecurity must-do.

 

 

Next steps


surviving-t-r-cybercrime

If you would like to learn more about solving the complex cybersecurity challenges facing business leaders today, please read my book Surviving the Rise of Cybercrime. It's available to download, here.

In less than 60 minutes, this book will provide you with an understanding of cybersecurity and make you familiar with some industry jargon and terminology. It's available to download, here.

 

Craig-McDonald-MailGuard-bHi, I’m Craig McDonald; MailGuard CEO, founder of GlobalGuard and cybersecurity writer.

Follow me on social media to keep up with the latest developments in cybersecurity and Blockchain; I'm active on LinkedIn and Twitter. 
I’d really value your input and comments so please join the conversation.