How Small Businesses Can Develop Cyber Resilience

Uploaded on 2024-07-26 in TECHNOLOGY--Resilience, FREE TO VIEW

Artificial intelligence (AI), and more specifically generative AI, continues to dominate headlines as more and more businesses seek to deploy the advanced technology within their operations. A recent IONOS study, however, found that almost two thirds of small and medium sized businesses (SMBs) in the UK say that security and data protection are major barriers to using AI in their companies more widely.

Another IONOS study revealed that just 16% of UK SMBs believe they are very well protected when it comes to cybersecurity, with 31% considering themselves to be ‘averagely’ protected and 7% not protecting themselves at all. 

According to the Cyber Security Breaches Survey 2023, British businesses faced over two million instances of cybercrime and that’s likely to increase even further this year. It’s clear therefore that SMBs need to grow their cyber resilience in 2024 in order to stay competitive, secure customer information and protect the company's IT systems.  

Training & Employee Awareness 

Security starts with people. A common pitfall for SMBs is a lack of regular training on security best practices for their staff. Keeping employees aware of the most common threats in the digital world and how to avoid them is essential to reduce the risk of cyberattacks, such as phishing. The phishing technique is one of the most widespread cybersecurity issues, by which the victim receives an email pretending to be from a legitimate entity such as a supplier, often encouraging people to make a payment, hand over private information or open an attachment which contains malware. Regular training on how to spot and report phishing allows employees to retain what has been learned, stay on top of emerging threats and reinforce that cybersecurity is at the forefront of the business. 

Up-to-date Systems & Devices

One of the simplest but most crucial measures to maintain security is regularly updating applications, software and the operating system of computers, laptops and devices. This means that any vulnerabilities can be identified and patched before a cybercriminal is able to exploit it.  At the same time, upgrading systems improves their performance and stability, which will help businesses maintain an optimal digital experience for their customers and employees.

For many SMBs, it can be a challenge to keep systems and devices up to date, especially when it’s down to an employee to push through an update. It’s important to send regular reminders and include this topic in employee training sessions. 

Backup In The Cloud 

Protecting data from loss and theft is a necessity for every company, and cloud backup offers a multitude of advantages over conventional backup methods, particularly as a central security component in the age of cloud and ransomware. With traditional backup methods, such as a hard disk, data could be lost in seconds due to fire, theft or human error.

A true backup in the cloud can also save not only files, but complete system states in different versions.

In this way, users can, for example, restore a server to a previously backed-up system state at any time after a security incident or operational disruption. This means that an operating state can be restored securely and stably without delay. Without cloud backup, businesses risk losing data forever after any kind of disruption. This could result in loss of customer trust and a damaged reputation, and in the worst-case scenario, closure of the business.

Power Of Partnership

The consequences of a cyberattack can be devastating for any company. Depending on the incident, an attack could lead to the business shutting down due to enormous recovery costs and the impact on its reputation. It’s essential that SMBs collaborate with a reliable security partner which is able to guarantee the safeguarding of the company’s online presence, as well as design a prevention-first cybersecurity strategy. While it’s inevitable that some form of cyberattack will occur, it must not be allowed to succeed, and these factors can make a huge difference for companies of smaller size and resource, in avoiding the greater evils.

When setting up a website, digital store or migrating customer data to a cloud architecture, choosing the right supplier can also add to an SMBs’ cyber resilience. 

Things to look out for include providers with an SSL/TLS certificate which will help encrypt and verify data so that the website is secure. Some hosting providers also offer ‘managed solutions’ where the software is managed and kept up to date on the SMB’s behalf, providing peace of mind, saving time and effort, and ensuring cybersecurity standards are met at all times. 

In this day and age, it seems inevitable that a company, no matter the size, will suffer a cyberattack at some point. However, the crux of the matter is to accept this reality and be as well prepared as possible to minimise the consequences and recover quickly when the unfortunate does happen. 

Jochen Haller is Head of TechOps Information Security at IONOS

Image: Andrii Yalanskyi

You Might Also Read: 

Half Of British SMEs Have Lost Vital Data:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Improving Cyber Resilience Of Frontline Armed Forces In Europe
Wiz Rejects Google's $23b Acquisition Offer »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation is Europe's leading centre for research & education in cybersecurity, cybercrime and digital forensics.

ISACA

ISACA

ISACA is a global professional association and learning organization for members who work in information security, governance, assurance, rissk and privacy.

Prewen

Prewen

Prewen provide solutions to protect sensitive data across the organisation.

Bastille

Bastille

Bastille’s patented software and security sensors bring visibility to devices emitting radio signals (Wi-Fi, cellular, IoT) in your organization.

Department of Justice & Equality - Cybercrime Division - Ireland

Department of Justice & Equality - Cybercrime Division - Ireland

The Cybercrime division is responsible for developing policy in relation to the criminal activity and coordinating a range of different cyber initiatives at national and international level.

Southwest Research Institute (SwRI)

Southwest Research Institute (SwRI)

Southwest Research Institute SwRI are R&D problem solvers providing independent services to government and industry clients. Areas of expertise include Cybersecurity, Intelligent Networks and IoT.

Liberman Networks

Liberman Networks

Liberman Networks is an IT solutions provider company that provides security, management, monitoring, BDR and cloud solutions.

Anvilogic

Anvilogic

Anvilogic provides a unifying experience for security professionals aimed at providing improved visibility, enrichment, and context across hundreds of alerting datasets and security tools.

HEQA Security

HEQA Security

HEQA Security (formerly QuantLR) offer the world’s most cost-effective, easy-to-integrate, and secure Quantum Key Distribution (QKD) solution

CryptoNext Security

CryptoNext Security

CryptoNext provides optimal end-to-end post-quantum cybersecurity remediation tools and solutions for IT/OT infrastructures & applications.

RapidSpike

RapidSpike

RapidSpike is the only website monitoring solution that focuses all three key aspects of website health: performance, reliability AND security.

BARR Advisory

BARR Advisory

At BARR Advisory, we build trust through cyber resilience. We help protect the world’s data, people, and information networks through a human-first approach to cybersecurity and compliance.

Invictus International Consulting

Invictus International Consulting

Invictus International Consulting are a recognized leader in full-spectrum cyber technology solutions designed to protect the security of our nation's global defense and critical infrastructure.

Theori

Theori

Theori tackles the most difficult cybersecurity challenges from an attacker’s perspective and conquers them as the best strategic security experts.

Backslash Security

Backslash Security

With Backslash, AppSec teams gain visibility into critical risks in their apps based on reachability and exploitability.

Chaos Computer Club (CCC)

Chaos Computer Club (CCC)

The Chaos Computer Club is Europe's largest association of hackers.