Proactive cyberstrategy to protect small firms, improve recovery
RIAAN BADENHORST The duty to regularly monitor and mitigate cyber risks of an SME should be vested with a team containing at least one senior manager
Small and medium-sized enterprises (SMEs) must develop appropriate policies and procedures to contain the risks of cyberattacks and cybercrime, which can pose a significant risk to operations, says Kaspersky Lab Africa MD Riaan Badenhorst.
Wireless communications company Verizon’s 2013 Data Breach Investigations Report showed that more than 30% of security breaches occurred at companies with 100 or fewer employees. Kaspersky Lab’s 2014 Global Corporate IT Security Risks survey found that 94% of companies had at least one external cyberattack in the past year worldwide. The survey also found that a single security breach of an SME could lead to losses or costs of up to $47 000, often posing a significant threat to the SME’s survival.
Although SMEs do not always have the in-house skills to develop the policies and procedures to mitigate cyberrisks, they can use trusted partners, often their hardware or software suppliers, to help them conduct cyberrisk assessments and develop appropriate policies and procedures. The latter must include exploring how an SME would govern policies and must detail emergency plans, including recovery and backups.
Kaspersky Lab recommends that the duty to regularly monitor and mitigate the cyberrisks of an SME be vested with a team that includes at least one senior manager. This team must also develop a strategy for and monitor software updates, including ancillary software, such as Adobe and Internet browsers, to ensure that vulnerabilities are dealt with as soon as possible.
Further, SMEs are also undergoing bring- your-own-device changes and must, consequently, secure the mobile devices entering their networks.
“Mobile devices usually contain sensitive data and are also easy points of entry into networks,” notes Badenhorst.
While SMEs often outsource some of their information technology (IT) functions to a third party, they must still monitor service providers. An effective way is to solicit reports or, more typically, have direct access to company information accumulated by the service providers. The information can be used to ensure that policies and procedures are being followed, and all IT changes and decisions must be well documented.
SMEs should also sensitise their employees to the risks posed by cyberattacks and ensure that they are aware of good practices, such as not using common passwords, changing passwords and protecting their own devices.
Kaspersky Lab released its updated version of Small Office Security software, in July 2015, that is specifically designed for SMEs’ security context.
“Given the constraints that SMEs face and that their capital is better invested to drive their growth, Kaspersky Lab has included several features in the SME protection software to enable SMEs to manage their security effectively and affordably.”
The Kaspersky Small Office Security software enables centralised management of a company’s security policies and user administration, including third-party permissions, and also includes features to secure mobile devices. It also includes Kaspersky Lab’s password management tool and the Kaspersky Lab Safe Money system to provide additional protection for and encryption of financial data and transactions.
“The software product provides enterprise-level security for smaller companies. However, implementing only a cybersecurity product is ineffective. A proactive approach to cybersecurity provides effective protection against cyberattacks, reducing the risk to the business’s survival, and enables much quicker recovery and emergency procedures to minimise loss,” he concludes.
Comments
Press Office
Announcements
What's On
Subscribe to improve your user experience...
Option 1 (equivalent of R125 a month):
Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format
Option 2 (equivalent of R375 a month):
All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors
including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.
Already a subscriber?
Forgotten your password?
Receive weekly copy of Creamer Media's Engineering News & Mining Weekly magazine (print copy for those in South Africa and e-magazine for those outside of South Africa)
➕
Recieve daily email newsletters
➕
Access to full search results
➕
Access archive of magazine back copies
➕
Access to Projects in Progress
➕
Access to ONE Research Report of your choice in PDF format
RESEARCH CHANNEL AFRICA
R4500 (equivalent of R375 a month)
SUBSCRIBEAll benefits from Option 1
➕
Access to Creamer Media's Research Channel Africa for ALL Research Reports on various industrial and mining sectors, in PDF format, including on:
Electricity
➕
Water
➕
Energy Transition
➕
Hydrogen
➕
Roads, Rail and Ports
➕
Coal
➕
Gold
➕
Platinum
➕
Battery Metals
➕
etc.
Receive all benefits from Option 1 or Option 2 delivered to numerous people at your company
➕
Multiple User names and Passwords for simultaneous log-ins
➕
Intranet integration access to all in your organisation