How Small Businesses Can Develop Cyber Resilience

Uploaded on 2024-07-26 in TECHNOLOGY--Resilience, FREE TO VIEW

Artificial intelligence (AI), and more specifically generative AI, continues to dominate headlines as more and more businesses seek to deploy the advanced technology within their operations. A recent IONOS study, however, found that almost two thirds of small and medium sized businesses (SMBs) in the UK say that security and data protection are major barriers to using AI in their companies more widely.

Another IONOS study revealed that just 16% of UK SMBs believe they are very well protected when it comes to cybersecurity, with 31% considering themselves to be ‘averagely’ protected and 7% not protecting themselves at all. 

According to the Cyber Security Breaches Survey 2023, British businesses faced over two million instances of cybercrime and that’s likely to increase even further this year. It’s clear therefore that SMBs need to grow their cyber resilience in 2024 in order to stay competitive, secure customer information and protect the company's IT systems.  

Training & Employee Awareness 

Security starts with people. A common pitfall for SMBs is a lack of regular training on security best practices for their staff. Keeping employees aware of the most common threats in the digital world and how to avoid them is essential to reduce the risk of cyberattacks, such as phishing. The phishing technique is one of the most widespread cybersecurity issues, by which the victim receives an email pretending to be from a legitimate entity such as a supplier, often encouraging people to make a payment, hand over private information or open an attachment which contains malware. Regular training on how to spot and report phishing allows employees to retain what has been learned, stay on top of emerging threats and reinforce that cybersecurity is at the forefront of the business. 

Up-to-date Systems & Devices

One of the simplest but most crucial measures to maintain security is regularly updating applications, software and the operating system of computers, laptops and devices. This means that any vulnerabilities can be identified and patched before a cybercriminal is able to exploit it.  At the same time, upgrading systems improves their performance and stability, which will help businesses maintain an optimal digital experience for their customers and employees.

For many SMBs, it can be a challenge to keep systems and devices up to date, especially when it’s down to an employee to push through an update. It’s important to send regular reminders and include this topic in employee training sessions. 

Backup In The Cloud 

Protecting data from loss and theft is a necessity for every company, and cloud backup offers a multitude of advantages over conventional backup methods, particularly as a central security component in the age of cloud and ransomware. With traditional backup methods, such as a hard disk, data could be lost in seconds due to fire, theft or human error.

A true backup in the cloud can also save not only files, but complete system states in different versions.

In this way, users can, for example, restore a server to a previously backed-up system state at any time after a security incident or operational disruption. This means that an operating state can be restored securely and stably without delay. Without cloud backup, businesses risk losing data forever after any kind of disruption. This could result in loss of customer trust and a damaged reputation, and in the worst-case scenario, closure of the business.

Power Of Partnership

The consequences of a cyberattack can be devastating for any company. Depending on the incident, an attack could lead to the business shutting down due to enormous recovery costs and the impact on its reputation. It’s essential that SMBs collaborate with a reliable security partner which is able to guarantee the safeguarding of the company’s online presence, as well as design a prevention-first cybersecurity strategy. While it’s inevitable that some form of cyberattack will occur, it must not be allowed to succeed, and these factors can make a huge difference for companies of smaller size and resource, in avoiding the greater evils.

When setting up a website, digital store or migrating customer data to a cloud architecture, choosing the right supplier can also add to an SMBs’ cyber resilience. 

Things to look out for include providers with an SSL/TLS certificate which will help encrypt and verify data so that the website is secure. Some hosting providers also offer ‘managed solutions’ where the software is managed and kept up to date on the SMB’s behalf, providing peace of mind, saving time and effort, and ensuring cybersecurity standards are met at all times. 

In this day and age, it seems inevitable that a company, no matter the size, will suffer a cyberattack at some point. However, the crux of the matter is to accept this reality and be as well prepared as possible to minimise the consequences and recover quickly when the unfortunate does happen. 

Jochen Haller is Head of TechOps Information Security at IONOS

Image: Andrii Yalanskyi

You Might Also Read: 

Half Of British SMEs Have Lost Vital Data:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Improving Cyber Resilience Of Frontline Armed Forces In Europe
Wiz Rejects Google's $23b Acquisition Offer »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

InfoSec People

InfoSec People

InfoSec People is a boutique cyber and technology recruitment consultancy, built by genuine experts.

Varonis

Varonis

Varonis provide a security software platform to let organizations track, visualize, analyze and protect their unstructured data.

Hivint

Hivint

Hivint is a new kind of Information Security professional services company enabling collaboration between our clients to reduce unnecessary security spend.

National Cybersecurity Society (NCSS) - USA

National Cybersecurity Society (NCSS) - USA

The National Cybersecurity Society is a non-profit organization focused on providing cybersecurity education, awareness and advocacy to small businesses.

OnDefend

OnDefend

OnDefend delivers information security solutions that improve overall security posture, reduce risks and defend against continually evolving and persistent cyber adversaries.

Amidas Hong Kong

Amidas Hong Kong

Amidas is your trusted companion on the road to Digital Transformation. We provide a full range of Information Technology Solutions and Professional Services to Enterprise customers.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

SideChannel

SideChannel

At SideChannel, we match companies with an expert virtual CISO (vCISO), so your organization can assess cyber risk and ensure cybersecurity compliance.

Sify Technologies

Sify Technologies

Sify is the largest ICT service provider, systems integrator, and all-in-one network solutions company on the Indian subcontinent.

Pessimistic Security

Pessimistic Security

The team behind Pessimistic helps blockchain startups meet modern security challenges since 2017.

Catalogic Software

Catalogic Software

Catalogic helps clients backup, recover, manage, and protect their data across their enterprise and cloud environments with Smart Data Protection solutions.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

Tryaq

Tryaq

Tryaq are a group of cybersecurity experts and enthusiasts who share the mission to make the world feel safer online.

HTX (Home Team Science & Technology Agency)

HTX (Home Team Science & Technology Agency)

HTX brings together science and engineering capabilities to transform the homeland security landscape and keep Singapore safe.

Secolve

Secolve

Secolve is Australia’s next generation OT specialist cyber security firm, working with key industries to protect the nation’s critical infrastructure.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.