Cybersecurity – an organizational priority for SMBs

 

Shashidhar Rachuri
Director – CoE
Softline India

Until recently, cyber-attacks, more specifically data breaches, have been considered as problems for large organizations and businesses. After all, large organizations are more prone to these attacks, as they have a plethora of capital, IP resources, and other important data. The Yahoo breach of 2013 exemplifies this fact. On the other hand, like their large counterparts, small- and medium-sized businesses (SMBs) are increasingly becoming more vulnerable to cyberattacks. As revealed by a 2019 study by Accenture, 43% of cyberattacks across the globe are aimed at SMBs.1

Cyberattacks: A looming threat for SMBs

India falls among the top 5 countries affected by ransomware2, with SMBs facing cyber threats on a regular basis. With the fight against cybercriminals having become a ground reality for SMBs, the time has come for them to devise a comprehensive cybersecurity strategy. But before they get ready with such a strategy, they first need to gain an in-depth understanding of all types of vulnerabilities — internal or external — that can affect their businesses.

If experts’ opinions are anything to go by, cyberattacks can happen either because an organization’s vulnerabilities were not quickly fixed, poor incident response planning, inadequate/poor planning on security posture or slow patching cadence allowed the attack to continue to spread. Some common types of cyber-attack methods that organizations should be aware of include — hacking, phishing, DDoS attacks, spyware, data thefts, and the dreaded ransomware. Essentially, SMBs should adopt a comprehensive approach to cybersecurity focusing on multiple layers of security controls, including assessment, multi-factor authentication, an effective data backup strategy, IT security planning, investing in security technologies and implementing security awareness training.

It’s time to relook at your organization’s security posture and add some checks. It is important for every enterprise to secure their business. To deal with constantly evolving cyber threats, it is imperative for them to protect their devices and software network with cutting-edge security solutions available and update them on a regular interval. Even, business leaders must ensure that only authorized employees get access to sensitive data and Applications.

In addition to building a robust Cybersecurity framework, one has to relook at their policies as well.

  • Data Backup (How and where are we storing this data? How do we protect it? Who has access internally and externally to the data? What is the risk methodology?)
  • Securing the Devices & Network (Making sure all devices are checked/verified and all software’s & patches are updated)
  • Activate Data Encryption (Data encryption is a security method where information is encoded and can only be accessed or decrypted by a user with the correct encryption key)
  • Use Multi-factor Authentication (Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN)
  • Comprehensive Monitoring System
  • Implement Security Policies (Clear cybersecurity policies while sharing data (internal or external; over intranet or internet) more importantly what to access on Internet and what applications are allowed in the Enterprise)
  • Cybersecurity Awareness Training for users

A point to note here is that today’s cybercriminals are technically more advanced and therefore, SMBs should be aware of emerging threats.

The future of the workplace is digital, and its security requirements are evolving rapidly. Conventional security methods that focus on some established methods are giving way to modern workplace solutions integrated into a cloud platform. With more and more employees working from home and the hybrid workplace gaining momentum, a holistic digital workplace solution has emerged as a critical tenet for success. With this, SMBs can take care of every aspect of information and IT security, protect their data and IP while ensuring the satisfaction and effectiveness of employees, as they can work flexibly from any location in a complex work environment.