Too often, cybersecurity is seen as a concern only for large enterprises. However, small and medium-sized businesses (SMBs) are increasingly finding themselves in the crosshairs of cybercriminals.
Contrary to the belief that cybercriminals only go after the big fish, the reality is somewhat different. Recent data shows that 57% of organisations with 100-5000 users experienced at least one cyberattack in the last 12 months, costing an average of $5.34 million per attack.
Obviously, cybersecurity awareness is crucial for businesses of all sizes, and yet many SMBs operate under the misconception that they’re too small to be targeted. This often leads to complacency in implementing the right level of security measures. Cybercriminals do not discriminate based on size. Understanding the risks and taking proactive steps to mitigate them is essential for protecting your business. No business is too small for cybercriminals, and the costs of being a victim are high.
What Exactly Is Cybercrime?
Put simply, cybercrime refers to criminal activities carried out using computers or the internet. This can include stealing sensitive data, spreading malware, committing fraud, or disrupting operations. Cybercriminals exploit vulnerabilities in systems, networks, and human behaviour to achieve their goals, often with devastating consequences for their victims.
Common Cybersecurity Terms Explained
To help understand the world of cybersecurity, here are some common terms you will often hear, hopefully explained in a non-technical way:
– Malware: Malicious software designed to damage, disrupt, or gain unauthorised access to computer systems.
– Phishing: A technique where cybercriminals attempt to trick individuals into providing sensitive information by pretending to be a trustworthy entity in an email, SMS, or other communication.
– Ransomware: A type of malware that encrypts a victim’s data, demanding a ransom to restore access.
– Firewall: A network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
– Encryption: The process of converting data into a code to prevent unauthorised access.
– Patch: A software update that fixes bugs and vulnerabilities.
– Multi-Factor Authentication (MFA): A security system that requires more than one method of authentication to verify the user’s identity.
– Vulnerability: A weakness in a system that can be exploited by cybercriminals.
– Social Engineering: Manipulating individuals into divulging confidential information by tricking them.
– Whitelisting: Allowing only approved software and applications to run on your system.
– VPN (Virtual Private Network): A secure and encrypted connection that creates a private network over a public network like the internet, allowing remote users to access internal resources securely.
– DDoS (Distributed Denial of Service) Attack: A type of cyber attack where multiple compromised systems are used to overwhelm a target system or network with a flood of internet traffic, causing it to become unavailable or crash.
– Zero-day Vulnerability: A software vulnerability that is unknown to the vendor or developer, leaving systems potentially exposed until a patch is released.
– Penetration Testing: The practice of simulating cyber attacks on an organisation’s systems and networks to identify vulnerabilities and assess the effectiveness of security controls.
– Sandboxing: A security practice of isolating and running untrusted programs or code in a controlled and restricted environment to prevent potential damage to the host system.
– SQL Injection: A technique used by attackers to exploit vulnerabilities in web applications by inserting malicious SQL code, potentially allowing them to access or manipulate sensitive data in databases.
– Man-in-the-Middle (MitM) Attack: A cyber attack where the attacker secretly intercepts and potentially alters communications between two parties, allowing them to eavesdrop or manipulate the data being exchanged.
– Data Breach: An incident where sensitive, protected, or confidential data is accessed or disclosed without authorisation.
Understanding these terms is crucial for grasping the basics of cybersecurity and why it matters for your business.
What Makes SMBs Attractive Targets?
Cybercriminals have several reasons for targeting SMBs:
- Limited Security Budgets: Many SMBs operate on tight budgets and cannot afford to implement comprehensive cybersecurity measures. This financial constraint makes them easy targets for attackers who are well aware of the weak defences.
- Lack of Processes: Unlike large corporations, SMBs often do not have the structured processes in place to regularly update and patch their hardware and software. Unpatched systems are a goldmine for cybercriminals, providing an easy entry point for attacks. The top 5 most widespread network attacks used against SMBs exploit vulnerabilities that are several years old, some even over 10 years old. This highlights the importance of maintaining proper security hygiene and timely patching.
- Underestimation of Risk: SMBs often underestimate their risk level, believing they are too small to be noticed by cybercriminals. This complacency can lead to inadequate protection and, ultimately, security breaches. As per a recent Mastercard study, 309,000 Australian small business leaders admit to experiencing cybersecurity issues, with 33% claiming financial losses as a result.
- Valuable Data: Regardless of size, all businesses handle valuable data, be it customer information, financial records, or proprietary information. Cybercriminals know that even small businesses have data worth stealing. Recent incidents have seen databases containing personal details of students from an educational institution in Melbourne and over a million customer records from hospitality venues across New South Wales being exposed.
- Lack of Prioritisation: According to the Mastercard study, only 22% of Australian small businesses cite cybersecurity as a priority, with customer acquisition (62%), client relationships (60%), and growth (54%) taking precedence. While 52% worry about cyber-attacks, an equal 52% say investing in cybersecurity is too costly amid rising operating costs and economic pressures.
Given these vulnerabilities, it’s clear that SMBs need robust cybersecurity strategies. This brings us to the Essential Eight, a set of fundamental security measures that can help protect businesses of all sizes.
Understanding and Implementing the Essential Eight
The Australian Cyber Security Centre (ACSC) developed the Essential Eight to help businesses mitigate cybersecurity risks. These eight crucial mitigation strategies can significantly reduce the risk of cyber incidents. The good news is that these strategies can be adopted with relative ease, even by smaller businesses.
- Application Whitelisting: This involves only allowing approved software to run on your systems. By blocking unauthorised applications, you reduce the risk of malicious software being executed.
- Patch Applications: Regularly updating software to fix vulnerabilities is crucial. Cybercriminals often exploit known vulnerabilities that remain unpatched.
- Configure Microsoft Office Macro Settings: Macros are small programs that can automate tasks but can also be used to deliver malware. Configuring macro settings to block untrusted macros can prevent malicious code from running.
- User Application Hardening: Disabling unnecessary features in applications (like Flash, which is no longer supported) reduces the attack surface available to cybercriminals.
- Restrict Administrative Privileges: Limiting admin privileges to only those who need them and regularly reviewing these privileges can prevent attackers from gaining control over your systems.
- Patch Operating Systems: Just like applications, operating systems need regular updates to fix security vulnerabilities. Ensuring your OS is up-to-date is a fundamental step in securing your environment.
- Multi-Factor Authentication (MFA): MFA adds an extra layer of security by requiring multiple forms of verification before granting access. This can significantly reduce the risk of unauthorised access.
- Daily Backups: Regularly backing up your data ensures that you can recover quickly from a cyber incident. It’s important to test these backups to make sure they work when you need them.
While the Essential Eight might seem daunting at first, you can implement these strategies step by step:
- Start Small: Begin with the most critical measures such as patching applications and operating systems, and gradually build up to the full suite of controls.
- Leverage Managed Services: Many SMBs can benefit from managed IT services that offer cybersecurity solutions tailored to their needs. This can help in implementing and maintaining robust security practices without the need for a large in-house IT team.
- Regular Training: Educate your staff about cybersecurity best practices. Employees are often the first line of defence against cyber threats.
- Use Tools and Software: There are numerous affordable tools available that can automate many of the tasks outlined in the Essential Eight, making it easier for SMBs to stay protected.
- Ongoing Monitoring and Review: Cybersecurity threats and vulnerabilities are constantly evolving, so it’s essential to regularly monitor your systems and review your security measures to ensure they remain effective.
- Regulatory Compliance: Depending on the industry and jurisdiction, SMBs may also need to consider regulatory compliance requirements related to data protection and cybersecurity. Failure to comply can result in severe penalties and reputational damage.
Conclusion
So, as you can see, cybersecurity is not just a concern for large companies; SMBs are equally at risk and often more vulnerable due to limited resources and lack of structured processes. By understanding and implementing frameworks like the Essential Eight, you can significantly enhance your cybersecurity posture. Additionally, enabling multi-factor authentication, conducting regular security assessments, providing ongoing employee training, and ensuring the ability to scan encrypted traffic are critical steps in defending against cyber threats.
The rise of cybercrime does add to the challenges facing Australian SMBs. The Australian Cyber Security Centre received over 76,000 cybercrime reports in 2021-22, a 13% increase from the previous year. Successful attacks can disrupt operations, impact revenue, increase costs, damage reputation, and strain customer relations.
Remember, no business is too small for cybercriminals, but with the right strategies and awareness, every business can defend itself against cyber threats.