How Small Businesses Can Develop Cyber Resilience

Uploaded on 2024-07-26 in TECHNOLOGY--Resilience, FREE TO VIEW

Artificial intelligence (AI), and more specifically generative AI, continues to dominate headlines as more and more businesses seek to deploy the advanced technology within their operations. A recent IONOS study, however, found that almost two thirds of small and medium sized businesses (SMBs) in the UK say that security and data protection are major barriers to using AI in their companies more widely.

Another IONOS study revealed that just 16% of UK SMBs believe they are very well protected when it comes to cybersecurity, with 31% considering themselves to be ‘averagely’ protected and 7% not protecting themselves at all. 

According to the Cyber Security Breaches Survey 2023, British businesses faced over two million instances of cybercrime and that’s likely to increase even further this year. It’s clear therefore that SMBs need to grow their cyber resilience in 2024 in order to stay competitive, secure customer information and protect the company's IT systems.  

Training & Employee Awareness 

Security starts with people. A common pitfall for SMBs is a lack of regular training on security best practices for their staff. Keeping employees aware of the most common threats in the digital world and how to avoid them is essential to reduce the risk of cyberattacks, such as phishing. The phishing technique is one of the most widespread cybersecurity issues, by which the victim receives an email pretending to be from a legitimate entity such as a supplier, often encouraging people to make a payment, hand over private information or open an attachment which contains malware. Regular training on how to spot and report phishing allows employees to retain what has been learned, stay on top of emerging threats and reinforce that cybersecurity is at the forefront of the business. 

Up-to-date Systems & Devices

One of the simplest but most crucial measures to maintain security is regularly updating applications, software and the operating system of computers, laptops and devices. This means that any vulnerabilities can be identified and patched before a cybercriminal is able to exploit it.  At the same time, upgrading systems improves their performance and stability, which will help businesses maintain an optimal digital experience for their customers and employees.

For many SMBs, it can be a challenge to keep systems and devices up to date, especially when it’s down to an employee to push through an update. It’s important to send regular reminders and include this topic in employee training sessions. 

Backup In The Cloud 

Protecting data from loss and theft is a necessity for every company, and cloud backup offers a multitude of advantages over conventional backup methods, particularly as a central security component in the age of cloud and ransomware. With traditional backup methods, such as a hard disk, data could be lost in seconds due to fire, theft or human error.

A true backup in the cloud can also save not only files, but complete system states in different versions.

In this way, users can, for example, restore a server to a previously backed-up system state at any time after a security incident or operational disruption. This means that an operating state can be restored securely and stably without delay. Without cloud backup, businesses risk losing data forever after any kind of disruption. This could result in loss of customer trust and a damaged reputation, and in the worst-case scenario, closure of the business.

Power Of Partnership

The consequences of a cyberattack can be devastating for any company. Depending on the incident, an attack could lead to the business shutting down due to enormous recovery costs and the impact on its reputation. It’s essential that SMBs collaborate with a reliable security partner which is able to guarantee the safeguarding of the company’s online presence, as well as design a prevention-first cybersecurity strategy. While it’s inevitable that some form of cyberattack will occur, it must not be allowed to succeed, and these factors can make a huge difference for companies of smaller size and resource, in avoiding the greater evils.

When setting up a website, digital store or migrating customer data to a cloud architecture, choosing the right supplier can also add to an SMBs’ cyber resilience. 

Things to look out for include providers with an SSL/TLS certificate which will help encrypt and verify data so that the website is secure. Some hosting providers also offer ‘managed solutions’ where the software is managed and kept up to date on the SMB’s behalf, providing peace of mind, saving time and effort, and ensuring cybersecurity standards are met at all times. 

In this day and age, it seems inevitable that a company, no matter the size, will suffer a cyberattack at some point. However, the crux of the matter is to accept this reality and be as well prepared as possible to minimise the consequences and recover quickly when the unfortunate does happen. 

Jochen Haller is Head of TechOps Information Security at IONOS

Image: Andrii Yalanskyi

You Might Also Read: 

Half Of British SMEs Have Lost Vital Data:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Improving Cyber Resilience Of Frontline Armed Forces In Europe
Wiz Rejects Google's $23b Acquisition Offer »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Acuity Risk Management

Acuity Risk Management

Acuity Risk Management helps businesses worldwide effectively manage, prioritize and report on their risks to inform strategic and tactical decision-making and build long-term resilience.

Infrascale

Infrascale

Infrascale specialise in providing cloud backup and disaster recovery services.

Netteam

Netteam

Netteam designs, implements and services networking solutions for companies of all sizes.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

Haventec

Haventec

Haventec’s internationally patented technologies reduce cyber risk and enable pervasive trust services with a decentralised approach to authentication.

Invensity

Invensity

INVENSITY is an interdisciplinary technology and innovation consulting company. Centres of excellence include Cyber Security and Data Privacy.

Knowledge Transfer Network (KTN)

Knowledge Transfer Network (KTN)

KTN links new ideas and opportunities with expertise, markets and finance through our network of businesses, universities, funders and investors.

Viria

Viria

Viria is an information and security technology solution provider that promotes digitalization in a secure way.

KT Secure

KT Secure

KTSecure’s mission is to provide proven and productive cyber security solutions and managed services, backed by our highly qualified and passionate team of experts.

Gridware

Gridware

Gridware is a specialised cybersecurity consultancy firm and an emerging global player in the cybersecurity intelligence and advisory field.

Swish Data Corp.

Swish Data Corp.

Swish delivers when the problems are complex, requirements are difficult, and the mission is absolutely critical.

Creative Destruction Lab (CDL)

Creative Destruction Lab (CDL)

Creative Destruction Lab is a nonprofit organization that delivers an objectives-based program for massively scalable, seed-stage, science- and technology-based companies.

European Cybersecurity Competence Centre (ECCC)

European Cybersecurity Competence Centre (ECCC)

The ECCC aims to increase Europe’s cybersecurity capacities and competitiveness, working together with a Network of National Coordination Centres to build a strong cybersecurity Community.

Pillar Technology Partners

Pillar Technology Partners

Pillar Technology Partners is an Information Security Company with a focus on improving Cyber Risk and optimizing the processes and technology that underpin the security of your information assets.

ThreatDown

ThreatDown

ThreatDown, powered by Malwarebytes, is on a mission to overpower threats and empower IT by removing the complexity of detecting and stopping today’s most advanced threats.

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.