CYBER SECURITY AND YOUR BUSINESS.
The tidal wave of security threats is almost overwhelming for almost every business …. but what can you do about it? Keeping cyber thieves at bay is hard. They are busy, well-motivated and well-financed.
Just one example serves to show just how prolific they are. Every day, about 250,000 new variants of viruses are developed by cyber thugs.
Their vigour has helped them steal data from some really big companies; Target, Home Depot and eBay have all been victims recently
And, what is a problem for the big companies is even more acute for the smaller firms. They have an even tougher time keeping the bad guys out.
Sophos, a cyber security company, reckons small firms are exposed to many of the same attacks as much larger enterprises, yet they don’t have the security expertise and resources available to those larger firms.
While attacks on the eBays and Sonys of the world make the headlines there’s no doubt that smaller firms are getting hit. And getting hit hard.
Figures from Sophos suggest about 30,000 websites a day are being compromised by cyber bad guys – most of those will be the public face of one SME or others.
Even for a small firm, the cost of clearing up a breach of cyber security could be considerable, may be even hundreds of thousand of Baht if not more. This could mean the difference between keeping trading and going bust.
This lack of focus on cyber security is understandable as most small and medium-sized enterprises (SMEs) spent most of their time on core commercial activity such as keeping customers happy, seeking out new clients and engaging in all the basic day-to-day admin needed to keep their enterprise afloat.
But the nature of commerce in the 21st century means that there are relatively few SMEs that do not make heavy use of technology.
Ecommerce, websites, apps, smartphones, tablets, social media and cloud services were all now standard ways of doing business in the 21st and there are some SMEs that are based entirely around technology but that does not make them experts in how to keep their digital business secure.
Nowadays everyone is a target and need to look externally to security firms for help.
Everyone is familiar with attempts to penetrate internal networks to steal payment information or customer data records but may be less knowledgeable about invoice fraud, ransomware, malvertising, or even attacks that “scrape” websites with automated tools to steal all the information about prices and products they contain.
So, start with the basics. This includes anti-virus software, firewalls, spam filters on email gateways and keeping devices up to date. This will defeat the majority of the low level threats that those busy cyber thieves are churning out.
In addition, security is no longer about setting up a fortress around your systems, servers and staff to keep the bad guys out. Now, the way data flows between SMEs, their supply chains and customers has made it impossible to maintain the fortress-like security stance.
But having a good sense of where data goes and who uses it can help limit the damage if it goes astray. Having control of that data, knowing its value and where it is going, can help a company guard against it leaking out accidentally and maliciously. For instance, having that control might help a firm spot that a server was accidentally exposed to the net and private information was viewable by anyone. It can also help SMEs keep an eye on their suppliers and partners to ensure that data is handled appropriately.
And finally firms need to put in place a plan for what happens when a breach or security incident does occur. It’s not a question of IF something bad will happen but WHEN and what you do about it.