TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentral TechCentral
    NEWSLETTER
    • News

      Unlawful Eskom strike costing South Africa three stages of load shedding

      1 July 2022

      Striking Eskom workers will face consequences: De Ruyter

      1 July 2022

      The AI tool that has changed my life as a developer

      1 July 2022

      Google.co.za is down and the domain is pending deletion

      1 July 2022

      US files charges over South African bitcoin fraud scheme

      1 July 2022
    • World

      Meta girds for ‘fierce’ headwinds

      1 July 2022

      Graphics card prices plummet as crypto demand dries up

      30 June 2022

      Bitcoin just had its worst quarter in a decade

      30 June 2022

      Samsung beats TSMC to 3nm chip production

      30 June 2022

      Napster plots crypto comeback

      29 June 2022
    • In-depth

      The NFT party is over

      30 June 2022

      The great crypto crash: the fallout, and what happens next

      22 June 2022

      Goodbye, Internet Explorer – you really won’t be missed

      19 June 2022

      Oracle’s database dominance threatened by rise of cloud-first rivals

      13 June 2022

      Everything Apple announced at WWDC – in less than 500 words

      7 June 2022
    • Podcasts

      How your organisation can triage its information security risk

      22 June 2022

      Everything PC S01E06 – ‘Apple Silicon’

      15 June 2022

      The youth might just save us

      15 June 2022

      Everything PC S01E05 – ‘Nvidia: The Green Goblin’

      8 June 2022

      Everything PC S01E04 – ‘The story of Intel – part 2’

      1 June 2022
    • Opinion

      Has South Africa’s advertising industry lost its way?

      21 June 2022

      Rob Lith: What Icasa’s spectrum auction means for SA companies

      13 June 2022

      A proposed solution to crypto’s stablecoin problem

      19 May 2022

      From spectrum to roads, why fixing SA’s problems is an uphill battle

      19 April 2022

      How AI is being deployed in the fight against cybercriminals

      8 April 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»In-depth»How small business should tackle cybersecurity

    How small business should tackle cybersecurity

    In-depth By The Conversation19 April 2017
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    Large-scale cyberattacks with eye-watering statistics, like the breach of a billion Yahoo accounts in 2016, grab most of the headlines. But what often gets lost in the noise is how often small and medium-sized organisations find themselves under attack.

    In the last year, half of American small businesses have been breached by hackers. That includes Meridian Health in Muncie, Indiana, where 1 200 workers’ W-2 forms were stolen when an employee was duped by an e-mail purporting to come from a top company executive. Many small companies are just one fraudulent wire transfer away from going out of business.

    There’s lots of advice available about how to fight cybercrime, but it’s hard to tell what’s best. I am a scholar of how businesses can more effectively mitigate cyber risk, and my advice is to know the three B’s of cybersecurity: be aware, be organised and be proactive.

    Here’s how more companies can boost their cybersecurity preparedness without breaking the bank.

    Be aware

    Almost any company can be vulnerable to a range of cyberattacks. A company manager or network security professional needs to know about the various types of digital threats and how to limit vulnerability.

    There are some attacks that every employee should know about. The most common attacks use a method called “phishing”, or a variant that specifically targets one potential victim, called “spearphishing”. These typically take the form of e-mail messages that appear to be sent by co-workers or supervisors asking for sensitive information. That’s what happened to the health care company in Muncie. These messages can contain instructions that a victim might follow, believing them legitimate — such as clicking a link that installs malware or captures login information, or even making a wire transfer to another business’s account.

    The best defenses against these types of attacks involve scepticism and vigilance. Attackers can be very clever and persistent: if just one person has one weak moment and clicks on one malicious link, an entire network can be compromised.

    Be organised

    Most companies go to great lengths to protect their physical assets and personnel. But many do not take similar precautions with their digital information. A key computer may be kept disconnected from the Internet, but if it accepts flash drives or rewriteable CDs, or if its password is easy to guess, the information is just as vulnerable.

    Small business owners need to prioritise cybersecurity. Without proper preparation, even large companies can find themselves unprepared for cyberattacks. When Sony was hacked in 2011, it did not have an executive focused solely on information security. But hiring someone did not prevent another hack in 2014.

    Be proactive

    Planning ahead is vital, instead of just being reactive. The US National Institute for Standards and Technology Cybersecurity Framework lists five main functions of cybersecurity efforts: Identify vulnerabilities, protect against attacks, detect anyone who gets through, respond to the attack quickly and recover after the attack has been stopped.

    Some companies are already receiving advice that following the NIST guidelines can reduce legal liability if cybersecurity problems arise or are discovered. Companies can also work with colleges and universities to create cybersecurity clinics, or even consider buying cyber risk insurance.

    There’s no way to avoid being the target of a cyberattack, but that doesn’t mean becoming a victim. Simple steps can have huge results: The Australian government reported resisting 85% of cyberattacks by taking three basic steps: restricting which programs can run on government computers, keeping software updated regularly and minimising the number of people who have administrative control over networks and key machines.

    Cybersecurity doesn’t have to be rocket science; it’s just computer science. The Conversation

    • Scott Shackelford is associate professor of business law and ethics; director, Ostrom workshop programme on cybersecurity and Internet governance; and cybersecurity programme chair, IU-Bloomington, Indiana University
    • This article was originally published on The Conversation
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleProsecutors zero in on Samsung bribery claims
    Next Article Inflation falls to six-month low

    Related Posts

    The NFT party is over

    30 June 2022

    The great crypto crash: the fallout, and what happens next

    22 June 2022

    Goodbye, Internet Explorer – you really won’t be missed

    19 June 2022
    Add A Comment

    Comments are closed.

    Promoted

    Billetterie simplifies interactions between law firms and clients

    30 June 2022

    Think herding cats is tricky? Try herding a cloud

    29 June 2022

    How your business can help hybrid workers effectively

    28 June 2022
    Opinion

    Has South Africa’s advertising industry lost its way?

    21 June 2022

    Rob Lith: What Icasa’s spectrum auction means for SA companies

    13 June 2022

    A proposed solution to crypto’s stablecoin problem

    19 May 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.