As the rise of the digital world continues, so does the rise of cyber crime. As technology advances, not only does IT security advance with it, hackers becomes more advanced and so do their tools. The cost of cyber crime to businesses in Australia is rising exponentially, costing Australians an estimated $3 Billion each year! according to the Australian Bureau of Statistics’ Personal Fraud Survey as published by ABC. Researches have stated that Cyber Crime cost businesses globally more than $3 Trillion annually and it is anticipated that this number will increase to $6 Trillion, DOUBLE, by 2021.
There is no secret that many SMBs are increasingly relying on new internet technologies to remain competitive within the local and also global markets, this leaves vulnerabilities as potential targets for Cyber Criminals. Even Software Objectives, a Victorian Microsoft Partner has recently found it’s self trying to retrieve customer data as it got hit by a new Ransomware titled ‘Gandcrab‘. Today ARNnet released more news that malware had hit major companies like; Cisco, ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE devices, these are major organisation that are seeing affects from cyber attacks.
Here are my top 5 technological and cultural adjustments every SMB can make to really better defend their/your organisation against the ever developing threat of Cyber Crime:
1. Back-up critical information.
All organisations should have a critical data backup and system upgrade schedule executed regularly throughout the year. Creating back-ups on a regular basis is the easiest way to ensure that critical data is not lost in the event of a Cyber Attack or you also can’t go over natural disasters. Products Like datto, Zerto and Veeam are great solutions that can replicate your environment and back-up your data automatically so in case of a disaster and your company goes down, your environment can be replicated in minutes so the work can continue until the system is back up with a high chance of critical data recovery.
2. Assess risk and identify weaknesses.
- Anti-Virus Programs
- Anti-Spyware Programs
- Two Factor Authentication
- 30-90 day password reset
Are you covered with the top items? have you assessed all the risks, what your organisation uses and how effective it is?. Cyber Security preparedness starts with having a complete understanding of the internal and external vulnerabilities that can affect your business.
3. Employee Education and Small Training.
Here at Tech Patrol we have found that majority of malware and system attacks (all data recovered and no penetration) have been due to employees being, not so much careless, more unaware of what they are doing. Whilst ChiefExecutive.net reports that their overall research found that 90% of all cyber claims actually stemmed from some type of human error or behavior. The best way to go about fixing this incredibly important issue is to demonstrate to employees and customers how serious cyber fraud is. This involves education and training them in proper internet practices and technology solutions, and running regular phishing simulations.
“The simple truth is that a data compromise is more likely to come from an employee leaving a laptop on the train than from a malicious criminal hack,” said Anthony Dagostino, the company’s head of global cyber risk. When speaking to CE.net.
4. Implement a Security Agreement.
If you don’t have a thought out security agreement for all new employee on-boarding then you’re really making it easier for hackers to bring down your systems. You should have an agreement in place that shows an understanding by the employee that they will actively participate in helping to maintain a secure online environment whilst working across laptops, phones or login in remotely in the organisations systems. This agreement should also require amployees to automaticaly report any suspicious online activity to the proper authorities within the business, whether that’s a manager or you’re a small organisation and it’s directly to the owner. At Business Level, you should partner with an MSP that can assist with this and also assist in patching, upgrading and reporting of systems used by employees.
5. Create Contingency Plan No Matter What.
No one is safe from natural disasters and you can only be so safe when it comes to Cyber Attacks. In any case you business’ need a contingency plan to follow if the business suffers a cyber attack. This plan should include the steps in place on how to continue business operations whether at an alternate location or in an alternate environment and should indicate how employees should handle a notifiable data breach. All Contingency plans should be tested and executed in real life and these tests should be conducted by-annually with reported results files.