As companies, people, and equipment become more connected, vulnerabilities and threats that computer systems face rise. From phishing to more advanced attacks on connected devices, threats are becoming more sophisticated and increasing in numbers.
FBI’s Internet Crime Report stated that the losses caused by a lack of computer security at small and medium enterprises were $2.7 billion in 2020. And there are already substantial concerns regarding the phenomenon’s expansion in 2022 and beyond.
Recently, ransomware has been in the news. Ransomware is a type of attack, where data is made inaccessible to its owners and a ransom is demanded to restore access. Malaysia’s ransomware attacks statistics about 30% as reported in February 2021.
Small and medium enterprises are frequent targets since the level of cybersecurity protection is lower than large corporations. These small businesses are usually less concerned about security and about six out of ten small enterprises do not have a cybersecurity strategy.
The bad news is that cyber attacks are increasing in numbers and becoming more complex. The good news is that enhancing a company’s security is primarily in the hands of its employees, and it may be a lot easier than you think.
Let’s share five important ideas for ensuring cybersecurity in any micro, small or medium-sized business.
- Develop a Security Culture
A cybersecurity strategy plan must start with a risk assessment and awareness. In this regard, no matter how small the firm is, it is critical that all of its employees are concerned about threats and work together to prevent them. It’s critical to encourage all employees to report any suspected attack and to establish standard emergency procedures.
Only the information that is required for their job should be available to each individual. However, they must be aware and pay close attention to attachments and links in emails from unfamiliar sources.
- Make use of strong passwords.
Always use strong passwords, and encourage all users to never reveal them and, most importantly, to protect their privacy. Using the United States as an example, the Global State of Cybersecurity in Small and Medium-Sized Businesses report stated that as early as 2019, 70% of micro and SMEs reported incidents where their employees’ passwords were lost or stolen.
Here are three steps to creating a more safe password:
a) Passwords that are at least eight characters long (ideally 12 or more)
b) contain a mix of uppercase, lowercase, digits, and symbols
c) Free of obvious information or easy sequences.
- Keep yourself up to date.
Software companies are constantly improving their products to repair bugs, improve performance, and introduce new features. But, most important are, new fixes to vulnerabilities and security improvements in the software. In the ever-changing world of cybersecurity threats, it’s more critical than ever to have a smooth-running network and all of the devices connected to it. It’s critical to ensure that operating systems, computers, and servers are up to date, and to turn on automatic updates (Windows, Chrome, Firefox, Adobe), as well as to keep all apps current and updated.
- Always have a backup plan.
It’s never too late to emphasise the necessity of maintaining a dependable backup from which sensitive data can be recovered in the event of an incident, whether it’s a hacking attempt or a system breakdown. The backup method must be implemented in such a way that a backup copy of the data is preserved in a location separate from the original data location, preventing the backup files from being damaged by the assault as well. The true value of a backup, on the other hand, is the successful restoration rather than the backup itself. That is to say, the backup plan must be automated in order to ensure that the data is as current as feasible when it is needed to be restored.
For a micro or small business, these are criteria to consider when choosing your backup solutions. A unified solution for protecting mixed environments, performing system restorations for various equipment or virtual servers and migrating systems to mobile devices, PCs, physical or virtual servers, and even applications. All of this while ensuring that copies are completed quickly, without disrupting the work of systems or personnel, and that backups are safeguarded by data and metadata encryption during access, storage, and transfer. The business does not stop if there is a failure.
- Training your employees.
In today’s complex world of cybersecurity threats, it’s best to provide a Social Engineering Testing program for all your employees not only IT personnel.
Any cybersecurity plan in today’s environment must keep up with the current cybersecurity trends. It’s critical to train your IT staff’s with the up-to-date information to improve their Network Penetration Testing or Web Penetration Testing skills.
Condition Zebra is a leading B2B Cyber Security training provider that can help any SME company with its Online Distance Learning, an alternative to our usual physical-based classroom IT security training because of covid-19. Learn about our online training schedule for 2022 here.