How Small Businesses Can Develop Cyber Resilience

Uploaded on 2024-07-26 in TECHNOLOGY--Resilience, FREE TO VIEW

Artificial intelligence (AI), and more specifically generative AI, continues to dominate headlines as more and more businesses seek to deploy the advanced technology within their operations. A recent IONOS study, however, found that almost two thirds of small and medium sized businesses (SMBs) in the UK say that security and data protection are major barriers to using AI in their companies more widely.

Another IONOS study revealed that just 16% of UK SMBs believe they are very well protected when it comes to cybersecurity, with 31% considering themselves to be ‘averagely’ protected and 7% not protecting themselves at all. 

According to the Cyber Security Breaches Survey 2023, British businesses faced over two million instances of cybercrime and that’s likely to increase even further this year. It’s clear therefore that SMBs need to grow their cyber resilience in 2024 in order to stay competitive, secure customer information and protect the company's IT systems.  

Training & Employee Awareness 

Security starts with people. A common pitfall for SMBs is a lack of regular training on security best practices for their staff. Keeping employees aware of the most common threats in the digital world and how to avoid them is essential to reduce the risk of cyberattacks, such as phishing. The phishing technique is one of the most widespread cybersecurity issues, by which the victim receives an email pretending to be from a legitimate entity such as a supplier, often encouraging people to make a payment, hand over private information or open an attachment which contains malware. Regular training on how to spot and report phishing allows employees to retain what has been learned, stay on top of emerging threats and reinforce that cybersecurity is at the forefront of the business. 

Up-to-date Systems & Devices

One of the simplest but most crucial measures to maintain security is regularly updating applications, software and the operating system of computers, laptops and devices. This means that any vulnerabilities can be identified and patched before a cybercriminal is able to exploit it.  At the same time, upgrading systems improves their performance and stability, which will help businesses maintain an optimal digital experience for their customers and employees.

For many SMBs, it can be a challenge to keep systems and devices up to date, especially when it’s down to an employee to push through an update. It’s important to send regular reminders and include this topic in employee training sessions. 

Backup In The Cloud 

Protecting data from loss and theft is a necessity for every company, and cloud backup offers a multitude of advantages over conventional backup methods, particularly as a central security component in the age of cloud and ransomware. With traditional backup methods, such as a hard disk, data could be lost in seconds due to fire, theft or human error.

A true backup in the cloud can also save not only files, but complete system states in different versions.

In this way, users can, for example, restore a server to a previously backed-up system state at any time after a security incident or operational disruption. This means that an operating state can be restored securely and stably without delay. Without cloud backup, businesses risk losing data forever after any kind of disruption. This could result in loss of customer trust and a damaged reputation, and in the worst-case scenario, closure of the business.

Power Of Partnership

The consequences of a cyberattack can be devastating for any company. Depending on the incident, an attack could lead to the business shutting down due to enormous recovery costs and the impact on its reputation. It’s essential that SMBs collaborate with a reliable security partner which is able to guarantee the safeguarding of the company’s online presence, as well as design a prevention-first cybersecurity strategy. While it’s inevitable that some form of cyberattack will occur, it must not be allowed to succeed, and these factors can make a huge difference for companies of smaller size and resource, in avoiding the greater evils.

When setting up a website, digital store or migrating customer data to a cloud architecture, choosing the right supplier can also add to an SMBs’ cyber resilience. 

Things to look out for include providers with an SSL/TLS certificate which will help encrypt and verify data so that the website is secure. Some hosting providers also offer ‘managed solutions’ where the software is managed and kept up to date on the SMB’s behalf, providing peace of mind, saving time and effort, and ensuring cybersecurity standards are met at all times. 

In this day and age, it seems inevitable that a company, no matter the size, will suffer a cyberattack at some point. However, the crux of the matter is to accept this reality and be as well prepared as possible to minimise the consequences and recover quickly when the unfortunate does happen. 

Jochen Haller is Head of TechOps Information Security at IONOS

Image: Andrii Yalanskyi

You Might Also Read: 

Half Of British SMEs Have Lost Vital Data:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Improving Cyber Resilience Of Frontline Armed Forces In Europe
Wiz Rejects Google's $23b Acquisition Offer »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

SecureWorks

SecureWorks

SecureWorks provides intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

Uniken

Uniken

Uniken REL-ID is a safe, simple, and scalable security platform that tightly integrates your identity, authentication, and channel security.

Aeriandi

Aeriandi

Aeriandi is a leading provider of hosted PCI security compliance solutions for call centres, trusted by high street banks and major Telcos.

Guardian360

Guardian360

The Guardian360 platform offers unrivalled insight into the security of your applications and IT infrastructure.

PerimeterX

PerimeterX

PerimeterX is the leading provider of solutions that secure digital businesses against automated fraud and client-side attacks.

Waratek

Waratek

Waratek is a pioneer in the next generation of application security solutions known as Runtime Application Self-Protection or RASP.

Ponemon Institute

Ponemon Institute

Ponemon Institute conducts independent research on data protection and emerging information technologies.

Cog Systems

Cog Systems

Cog Systems offer an embedded solution built on modularity, proactive security, trustworthiness, and adaptability to enable highly secure connected devices.

Infopulse

Infopulse

Infopulse is a global provider of Software Engineering, Cloud & IT Infrastructure Management, and Cybersecurity services.

ES2

ES2

ES2 is a consulting organisation specialising in Enterprise Security and Solutions Services.

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

TDRA focuses on regulating the telecommunications sector and enabling government entities in the field of smart transformation. It is responsible for the overall digital infrastructure in the UAE.

Alpine Cyber Solutions

Alpine Cyber Solutions

Alpine Cyber is a Managed IT Service Provider focused on cybersecurity and cloud services.

MetaWeb Ventures

MetaWeb Ventures

MetaWeb Ventures is a global venture capital firm focused on pre-seed and seed investments in crypto start-ups.

LegalByte

LegalByte

LegalByte is a leading provider of comprehensive legal and forensic services dedicated to addressing the complex challenges of the digital age.

QPoint Technologies

QPoint Technologies

QPoint provides solutions and consulting in areas including software engineering, testing, cybersecurity, ICT, web, mobile, project management, and complex integration processes.

Defend

Defend

DEFEND are 100% focused on providing managed cybersecurity solutions and services that make a real difference to the cyber resilience of your organisation.