When a business experiences a security breach, it can be a chaotic and unsettling time. Apart from stirring up emotions that wouldn’t be out of place in a Matrix movie, it also should remind business owners to think about introducing long term implementations that can lessen the chances of it happening again.
Responding to a cyber attack when it happens is one thing, but implementing long term strategies to ensure it doesn’t happen again is even more important and is vital to the survival of SMEs with limited budgets.
Short term pain long term gain
With cyber-attacks costing SMEs dearly in terms of wasted time, lost money and declining industry reputation, let’s ensure it stops for good by looking at long-term policies they can implement to lessen the chances of a future breach.
Here’s what three business leaders have to say about ‘planning for the future’ where cybersecurity is concerned…
1. “Educate staff about phishing” Alistair Sergeant, CEO, Purple
The solution(s) can be simple…
Some of the world’s largest data breaches have resulted from phishing emails because staff members simply couldnt tell the difference between legitimate or scamming correspondence.
Investing in educating staff members on cybersecurity risks and the potential impact any breach can have on their own personal data will help them understand the severity of phishing and ensure they are united in protecting the organisation too.
Cyber-thieves and hackers have become increasingly intelligent. Implement simple, but effective changes and businesses will significantly increase their cybersecurity measures.
2. “Ensure staff are visible on what needs guarding” Marco Rottigni, Chief Technical Security Officer EMEA at Qualys
Rather than looking at the latest and greatest security technologies, small companies have to go back to basics and reduce what can be attacked in their business.
This involves cutting down all the exposed areas that an attacker can interact with over the internet – this can be achieved by paying more attention to IT hygiene and improving the awareness of all users.
Listing ALL you have…
What does this mean in practice? Getting an accurate list of all the IT assets that you use, from endpoint devices through to software installed and additional services like cloud accounts.
After all, you cannot defend what you do not see, therefore you need to keep dedicated sensor eyes? on these assets.
This can be achieved using sensors that can collect data from all their IT assets. There are free tools available that can provide this service, so the cost does not stop companies doing this.
Implement absolute visibility
Once you have this visibility, you need accurate information. Without accuracy, you run the risk of overwhelming your resources and staff with a tsunamI of events to investigate and unless you want staff to burn out or quit, this isnt going to work. Prioritise the most important fixes that are riskier first you can use information from your security partners to help you here.
Annie May is the Features Editor at Real Business and Business Advice. Following her graduation from LSE, she embarked upon a freelance career in current affairs journalism. Annie has written on subjects varying from African history and contemporary politics to community business and current affairs news in London. At Real Business and Business Advice, Annie is passionate about highlighting inclusive and diverse business disruptors and organisations for our evolving readership. Annie believes in fostering community inclusion and has volunteered for organisations such as Fairfield House, a UK based Rastafari centre and a senior citizen association for ethnic minority men and women.