Story image

Seven things SMBs can do right now to prevent cyber attacks

04 Sep 18

New research from Australian’s Deakin University has found that many small businesses are at risk of cyber attacks, but most are unaware of the risk and doing nothing to prevent it.

Professor Matthew Warren is the deputy director of Deakin’s Centre for Cyber Security Research and Innovation. He believes businesses are becoming more dependent on IT systems, which makes them vulnerable to emerging security risks.

“From hairdressers to builders, accountants to GPs, small businesses are using IT to improve, expand and market their services, and that includes things like booking services, online sales, social media promotion, websites and customer databases,” he explains.

However those businesses are using technology for convenience, without understanding privacy and security risks. In addition, they may not have the right skills, resources, or expertise to protect their systems and data.

“Many think security is not their responsibility but it’s a serious risk that can destroy their business,” Warren warns.

You don’t have to go far to find examples. In 2016, thieves targeted a small business that had a national security contract with the Australian federal government. The thieves stole large amounts of data.

“While not all breaches will impact on matters of national security, when you consider that the average time it takes to resolve a cyber-attack is 23 days, that can still have an enormous impact on a small business’ operations and ultimately on its bottom line,” Warren says.

He says there are several things SMBs can do to protect themselves.

  • Patch systems and enable automatic patching. All systems and packages are updated (called patching) and the patching can be done automatically rather than implemented individually by users.
  • Back up all important data.
  • Use a cloud based email and/or data storage.
  • Use strong authentication. Use passphrases instead of passwords and use two stage authentication where possible.
  • Set up different accounts. For example you can set up an administrator account, as well as user accounts.
  • Don’t use the same password across all accounts (Twitter, Facebook, LinkedIn, Gmail, Adobe, Apple, etc). When one is hacked, they all become vulnerable if you’re using the same password.
  • Don’t click on links, attachments or images from people not known to you. Criminals often hack one account and use that account to send malware to people in the contact list.

“SMBs need to ask themselves – if they were a victim of a cyber-attack how much immediate business would they lose, could they restore their system and data, and would their customers have confidence in their organisation in the future,” Warren concludes.

London coworking space teams with Global Cyber Alliance
A London-based coworking space is about to become a major cybersecurity innovation hub and a primary UK landing pad for security challenge winners.
Comms providers hit by most DDoS attacks in Q3 2018
New data indicates attackers preyed on the large attack surface of ASN-level communications service providers with a ‘bit-and-piece’ approach.
Check Point launches hyperscale network security solution
With Check Point Maestro, organisations can scale up their existing Check Point security gateways on demand.
Should AI technology determine the necessity for cyber attack responses?
Fujitsu has developed an AI that supposedly automatically determines whether action needs to be taken in response to a cyber attack.
Trend Micro’s telecom security solution certified as VMware-ready
Certification by VMware allows communications service providers who prefer or have already adopted VMware vCloud NFV to add network security services from Trend Micro.
Frost & Sullivan honours Honeywell's IIoT value creation
Frost & Sullivan has awarded Honeywell with the 2018 Global Customer Value Leadership Award for its work protecting industrial internet of things (IIoT) customers.
Top cybersecurity threats of 2019 – Carbon Black
Carbon Black chief cybersecurity officer Tom Kellermann combines his thoughts with those of Carbon Black's threat analysts and security strategists.
Google's €50m fine a wake up call for big data analytics
Data analytics are essential to company growth, competitive differentiation, and innovation. But there’s now a huge challenge.