It’s no secret that managers across North America and Europe have been marshalling forces for digital transformation in a high-stakes battle to ward off ambitious insurgents, maintain market share and address the changing demands of today’s customers. This is a once-in-a-generation challenge for any business leader, but it’s not the whole story. behind the scenes, a fourth imperative is being added to the list of transformation considerations—combating modern cyber-criminal.
Today, technologies like cloud computing, mobility, social, and big data and analytics are enabling small- and midsized businesses (SMBs) to do more with less, reach new markets and focus on creativity and invention instead of IT.
But with all this new opportunity comes responsibility. Whether an SMB is moving to the cloud or implementing a bring your own device (BYOD) mobile program, security should be part of the plan.
Each year, cybercrime costs the economy about $445 billion, according to the Centre for Strategic and International Studies, and SMBs can be attractive targets for hackers tapping into this profitable black market. SMBs tend to have weaker online security, use cloud services void of strong encryption technology and lack the robust IT and internal policies needed to protect against increasingly sophisticated cyber-crime rings, which operate with an enviable efficiency and effectiveness.
Employees are often the weakest link here: 95 percent of breaches stem from human error, and small-business employees are no exception. They may be ignorant of the latest threats (e.g., well-disguised phishing scams). They may use their personal, insecure mobile devices for work purposes (or vice versa). And they may be downloading and using vulnerable apps, creating multiple entry points for potential data breaches, hijacked information and even espionage into confidential business meetings and calls.
Hackers are aware of these vulnerabilities and are organizing themselves to exploit them, crafting highly sophisticated assaults.
But SMBs are ready to fight back. With the lessons they’ve learned from larger competitors, SMBs are actively seeking out ways to protect their data and intellectual property and arming themselves against cyber-attacks.
According to the International Data Corporation, SMB spending on security technology is growing, and is set to pass $5.6 billion this year, representing a significant investment in SMBs’ overall IT spending. So now that they’re focusing attention on and investment in security, what’s the best way to kickstart a defines against cyber criminals?
Here are the top five tips for protecting today’s SMB:
1. Create a culture of cyber security.
Because most attacks stem from human error, every employee needs to understand the importance of cyber security, no matter how large or small the company. Do your due diligence in educating your workforce, and work with your executive team to create policies and practices that protect your business.
2. Establish a security management strategy.
Cyber-attacks are organized, strategic and targeted. In fact, 80 percent of cyber-attacks are driven by highly organized crime rings, which widely share data, tools and expertise, according to the UN Report on Cyber crime. It’s critical, therefore, that your business be one step ahead and meticulously plan for an attempted invasion. You’ll need to establish a strategic approach so that your entire environment works as an integrated defines, detecting, preventing and responding to attacks seamlessly and instantly.
3. Get organized and share.
According to a recent survey, only 36 percent of security and IT professionals currently share information with industry groups, and more than half (52 percent) do not share any information at all. There’s power in numbers, however, so the private sector needs to collaborate and share data and expertise just as effectively — if not more — than the cyber-criminals do. Join a leading and well-built-out cyberthreat intelligence sharing platform and begin connecting across other companies and industries to pre-emptively spot threats and shut them out of your systems.
4. Implement a mobile device policy.
Although mobile has risen as the platform of choice for work, shopping and socializing, we haven’t fully woken up to the tremendous security vulnerabilities which accompany mobile devices and apps. At any given time, malicious code is infecting more than 11.6 million mobile devices. Despite this threat, a recent study revealed that 67 percent of organizations allow their employees to download nonwetted apps on their work devices.
By rooting a device through security flaws in insecure apps, hackers can access sensitive files and documents and personal data or hijack a device’s camera or microphone to spy on meetings. SMBs need comprehensive mobile security strategies to defend against these vulnerabilities.
They need to think more broadly than just about device management. There are risks associated with mobile content, apps and the increasingly popular practice of accessing confidential business data via mobile devices. Implementing a mobile device policy is essential to protecting your business.
5. Choose security that fits your business.
Today’s SMB needs a managed security services provider that can deliver a flexible solution cost effectively and provide a seamless upgrade path. Additionally, any security approach should include quick, easy access to skilled security professionals, who can help them respond rapidly to any issues or incidents as they arise.
The need for an intelligent, unified front to fight cyber criminals is greater than ever. Organized, complex cyber-crime is rapidly growing, cracking even the most secure companies with highly elaborate schemes. Don’t let your small business become a victim. Be prepared and fight back.