https://www.engineeringnews.co.za

Proactive cyberstrategy to protect small firms, improve recovery

RIAAN BADENHORST
The duty to regularly monitor and mitigate cyber risks of an SME should be vested with a team containing at least one senior manager

RIAAN BADENHORST The duty to regularly monitor and mitigate cyber risks of an SME should be vested with a team containing at least one senior manager

11th September 2015

By: Schalk Burger

Creamer Media Senior Deputy Editor

  

Font size: - +

Small and medium-sized enterprises (SMEs) must develop appropriate policies and procedures to contain the risks of cyberattacks and cybercrime, which can pose a significant risk to operations, says Kaspersky Lab Africa MD Riaan Badenhorst.

Wireless communications company Verizon’s 2013 Data Breach Investigations Report showed that more than 30% of security breaches occurred at companies with 100 or fewer employees. Kaspersky Lab’s 2014 Global Corporate IT Security Risks survey found that 94% of companies had at least one external cyberattack in the past year worldwide. The survey also found that a single security breach of an SME could lead to losses or costs of up to $47 000, often posing a significant threat to the SME’s survival.

Although SMEs do not always have the in-house skills to develop the policies and procedures to mitigate cyberrisks, they can use trusted partners, often their hardware or software suppliers, to help them conduct cyberrisk assessments and develop appropriate policies and procedures. The latter must include exploring how an SME would govern policies and must detail emergency plans, including recovery and backups.

Kaspersky Lab recommends that the duty to regularly monitor and mitigate the cyberrisks of an SME be vested with a team that includes at least one senior manager. This team must also develop a strategy for and monitor software updates, including ancillary software, such as Adobe and Internet browsers, to ensure that vulnerabilities are dealt with as soon as possible.

Further, SMEs are also undergoing bring- your-own-device changes and must, consequently, secure the mobile devices entering their networks.

“Mobile devices usually contain sensitive data and are also easy points of entry into networks,” notes Badenhorst.

While SMEs often outsource some of their information technology (IT) functions to a third party, they must still monitor service providers. An effective way is to solicit reports or, more typically, have direct access to company information accumulated by the service providers. The information can be used to ensure that policies and procedures are being followed, and all IT changes and decisions must be well documented.

SMEs should also sensitise their employees to the risks posed by cyberattacks and ensure that they are aware of good practices, such as not using common passwords, changing passwords and protecting their own devices.

Kaspersky Lab released its updated version of Small Office Security software, in July 2015, that is specifically designed for SMEs’ security context.

“Given the constraints that SMEs face and that their capital is better invested to drive their growth, Kaspersky Lab has included several features in the SME protection software to enable SMEs to manage their security effectively and affordably.”

The Kaspersky Small Office Security software enables centralised management of a company’s security policies and user administration, including third-party permissions, and also includes features to secure mobile devices. It also includes Kaspersky Lab’s password management tool and the Kaspersky Lab Safe Money system to provide additional protection for and encryption of financial data and transactions.

“The software product provides enterprise-level security for smaller companies. However, implementing only a cybersecurity product is ineffective. A proactive approach to cybersecurity provides effective protection against cyberattacks, reducing the risk to the business’s survival, and enables much quicker recovery and emergency procedures to minimise loss,” he concludes.

Edited by Martin Zhuwakinyu
Creamer Media Senior Deputy Editor

Comments

Showroom

Booyco Electronics
Booyco Electronics

Booyco Electronics, South African pioneer of Proximity Detection Systems, offers safety solutions for underground and surface mining, quarrying,...

VISIT SHOWROOM 
Goodwin Submersible Pumps Africa (Pty) Ltd
Goodwin Submersible Pumps Africa (Pty) Ltd

Goodwin Submersible Pumps Africa is sole distributors for Goodwin electrically driven, submersible, abrasion resistance slurry pumps.

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.137 0.192s - 164pq - 2rq
Subscribe Now