How Small Businesses Can Develop Cyber Resilience

Uploaded on 2024-07-26 in TECHNOLOGY--Resilience, FREE TO VIEW

Artificial intelligence (AI), and more specifically generative AI, continues to dominate headlines as more and more businesses seek to deploy the advanced technology within their operations. A recent IONOS study, however, found that almost two thirds of small and medium sized businesses (SMBs) in the UK say that security and data protection are major barriers to using AI in their companies more widely.

Another IONOS study revealed that just 16% of UK SMBs believe they are very well protected when it comes to cybersecurity, with 31% considering themselves to be ‘averagely’ protected and 7% not protecting themselves at all. 

According to the Cyber Security Breaches Survey 2023, British businesses faced over two million instances of cybercrime and that’s likely to increase even further this year. It’s clear therefore that SMBs need to grow their cyber resilience in 2024 in order to stay competitive, secure customer information and protect the company's IT systems.  

Training & Employee Awareness 

Security starts with people. A common pitfall for SMBs is a lack of regular training on security best practices for their staff. Keeping employees aware of the most common threats in the digital world and how to avoid them is essential to reduce the risk of cyberattacks, such as phishing. The phishing technique is one of the most widespread cybersecurity issues, by which the victim receives an email pretending to be from a legitimate entity such as a supplier, often encouraging people to make a payment, hand over private information or open an attachment which contains malware. Regular training on how to spot and report phishing allows employees to retain what has been learned, stay on top of emerging threats and reinforce that cybersecurity is at the forefront of the business. 

Up-to-date Systems & Devices

One of the simplest but most crucial measures to maintain security is regularly updating applications, software and the operating system of computers, laptops and devices. This means that any vulnerabilities can be identified and patched before a cybercriminal is able to exploit it.  At the same time, upgrading systems improves their performance and stability, which will help businesses maintain an optimal digital experience for their customers and employees.

For many SMBs, it can be a challenge to keep systems and devices up to date, especially when it’s down to an employee to push through an update. It’s important to send regular reminders and include this topic in employee training sessions. 

Backup In The Cloud 

Protecting data from loss and theft is a necessity for every company, and cloud backup offers a multitude of advantages over conventional backup methods, particularly as a central security component in the age of cloud and ransomware. With traditional backup methods, such as a hard disk, data could be lost in seconds due to fire, theft or human error.

A true backup in the cloud can also save not only files, but complete system states in different versions.

In this way, users can, for example, restore a server to a previously backed-up system state at any time after a security incident or operational disruption. This means that an operating state can be restored securely and stably without delay. Without cloud backup, businesses risk losing data forever after any kind of disruption. This could result in loss of customer trust and a damaged reputation, and in the worst-case scenario, closure of the business.

Power Of Partnership

The consequences of a cyberattack can be devastating for any company. Depending on the incident, an attack could lead to the business shutting down due to enormous recovery costs and the impact on its reputation. It’s essential that SMBs collaborate with a reliable security partner which is able to guarantee the safeguarding of the company’s online presence, as well as design a prevention-first cybersecurity strategy. While it’s inevitable that some form of cyberattack will occur, it must not be allowed to succeed, and these factors can make a huge difference for companies of smaller size and resource, in avoiding the greater evils.

When setting up a website, digital store or migrating customer data to a cloud architecture, choosing the right supplier can also add to an SMBs’ cyber resilience. 

Things to look out for include providers with an SSL/TLS certificate which will help encrypt and verify data so that the website is secure. Some hosting providers also offer ‘managed solutions’ where the software is managed and kept up to date on the SMB’s behalf, providing peace of mind, saving time and effort, and ensuring cybersecurity standards are met at all times. 

In this day and age, it seems inevitable that a company, no matter the size, will suffer a cyberattack at some point. However, the crux of the matter is to accept this reality and be as well prepared as possible to minimise the consequences and recover quickly when the unfortunate does happen. 

Jochen Haller is Head of TechOps Information Security at IONOS

Image: Andrii Yalanskyi

You Might Also Read: 

Half Of British SMEs Have Lost Vital Data:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Improving Cyber Resilience Of Frontline Armed Forces In Europe
Wiz Rejects Google's $23b Acquisition Offer »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Karlsruhe Institute of Technology (KIT)

Karlsruhe Institute of Technology (KIT)

KIT is a leading research and education institutions with strong capabilities in information systems and security.

Simula Research Laboratory

Simula Research Laboratory

Simula Research Laboratory carries out research in the fields of communication systems, scientific computing and software engineering.

Ethoca

Ethoca

Ethoca is a secure network for card issuers and merchants to connect and work cooperatively outside the payment network in a unique and powerful way.

Securepoint

Securepoint

Securepoint is the market leader in the development of professional “Unified Threat Management” solutions in Germany.

Cynerio

Cynerio

Cynerio develops cybersecurity protections for medical devices, comparing network behavior with a database of medical workflows.

Relution

Relution

Relution is the Unified Endpoint Management platform for innovative companies and educational institutions. It enables you to manage your mobile apps and devices easily and securely.

Perseus Cyber Security

Perseus Cyber Security

Perseus provides all-around digital protection for small and medium-sized businesses through state-of-the-art software solutions, flexible online training and emergency response.

Bl4ckswan

Bl4ckswan

Bl4ckswan is a Management Consulting firm specialized in the delivery of information security and compliance services.

GoCyber

GoCyber

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.

Binary Defense

Binary Defense

Binary Defense protect businesses of all sizes through advanced cybersecurity solutions including Managed Detection and Response, Security Information and Event Management and Counterintelligence.

iManage

iManage

iManage's intelligent, cloud-enabled, secure knowledge work platform enables organizations to uncover and activate the knowledge that exists inside their business.

CertNexus

CertNexus

CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals.

Strategic Technology Solutions (STS)

Strategic Technology Solutions (STS)

Strategic Technology Solutions specialize in providing Cybersecurity and Managed IT Services to the legal industry.

Zyber 365 Group

Zyber 365 Group

Zyber 365 are providing a robust, decentralized, and cyber-secured operating system which adheres to the fundamental principles of environmental sustainability.

Cyber Security Certification Australia (CSCAU)

Cyber Security Certification Australia (CSCAU)

CSCAU is the world’s first 'for mission' industry council set up to address small and medium-sized business (SMB) cyber resilience through annually updated certifiable standards.

OryxAlign

OryxAlign

OryxAlign offer managed IT and cyber security, cloud and digital transformation, and tailored professional and consulting services.