Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      South Africa begins complex job of overhauling media laws

      13 July 2025

      Nvidia CEO to hold high stakes media briefing in Beijing

      13 July 2025

      Blue Label Telecoms to change its name as restructuring gathers pace

      11 July 2025

      Get your ID delivered like pizza – home affairs’ latest digital shake-up

      11 July 2025

      EFF vows to stop Starlink from launching in South Africa

      11 July 2025
    • World

      Grok 4 arrives with bold claims and fresh controversy

      10 July 2025

      Bitcoin pushes higher into record territory

      10 July 2025

      Cupertino vs Brussels: Apple challenges Big Tech crackdown

      7 July 2025

      Grammarly acquires e-mail start-up Superhuman

      1 July 2025

      Apple considers ditching its own AI in Siri overhaul

      1 July 2025
    • In-depth

      Siemens is battling Big Tech for AI supremacy in factories

      24 June 2025

      The algorithm will sing now: why musicians should be worried about AI

      20 June 2025

      Meta bets $72-billion on AI – and investors love it

      17 June 2025

      MultiChoice may unbundle SuperSport from DStv

      12 June 2025

      Grok promised bias-free chat. Then came the edits

      2 June 2025
    • TCS

      TCS+ | MVNX on the opportunities in South Africa’s booming MVNO market

      11 July 2025

      TCS | Connecting Saffas – Renier Lombard on The Lekker Network

      7 July 2025

      TechCentral Nexus S0E4: Takealot’s big Post Office jobs plan

      4 July 2025

      TCS | Tech, townships and tenacity: Spar’s plan to win with Spar2U

      3 July 2025

      TCS+ | First Distribution on the latest and greatest cloud technologies

      27 June 2025
    • Opinion

      In defence of equity alternatives for BEE

      30 June 2025

      E-commerce in ICT distribution: enabler or disruptor?

      30 June 2025

      South Africa pioneered drone laws a decade ago – now it must catch up

      17 June 2025

      AI and the future of ICT distribution

      16 June 2025

      Singapore soared – why can’t we? Lessons South Africa refuses to learn

      13 June 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CambriLearn
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » In-depth » How small business should tackle cybersecurity

    How small business should tackle cybersecurity

    By The Conversation19 April 2017
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    Large-scale cyberattacks with eye-watering statistics, like the breach of a billion Yahoo accounts in 2016, grab most of the headlines. But what often gets lost in the noise is how often small and medium-sized organisations find themselves under attack.

    In the last year, half of American small businesses have been breached by hackers. That includes Meridian Health in Muncie, Indiana, where 1 200 workers’ W-2 forms were stolen when an employee was duped by an e-mail purporting to come from a top company executive. Many small companies are just one fraudulent wire transfer away from going out of business.

    There’s lots of advice available about how to fight cybercrime, but it’s hard to tell what’s best. I am a scholar of how businesses can more effectively mitigate cyber risk, and my advice is to know the three B’s of cybersecurity: be aware, be organised and be proactive.

    Here’s how more companies can boost their cybersecurity preparedness without breaking the bank.

    Be aware

    Almost any company can be vulnerable to a range of cyberattacks. A company manager or network security professional needs to know about the various types of digital threats and how to limit vulnerability.

    There are some attacks that every employee should know about. The most common attacks use a method called “phishing”, or a variant that specifically targets one potential victim, called “spearphishing”. These typically take the form of e-mail messages that appear to be sent by co-workers or supervisors asking for sensitive information. That’s what happened to the health care company in Muncie. These messages can contain instructions that a victim might follow, believing them legitimate — such as clicking a link that installs malware or captures login information, or even making a wire transfer to another business’s account.

    The best defenses against these types of attacks involve scepticism and vigilance. Attackers can be very clever and persistent: if just one person has one weak moment and clicks on one malicious link, an entire network can be compromised.

    Be organised

    Most companies go to great lengths to protect their physical assets and personnel. But many do not take similar precautions with their digital information. A key computer may be kept disconnected from the Internet, but if it accepts flash drives or rewriteable CDs, or if its password is easy to guess, the information is just as vulnerable.

    Small business owners need to prioritise cybersecurity. Without proper preparation, even large companies can find themselves unprepared for cyberattacks. When Sony was hacked in 2011, it did not have an executive focused solely on information security. But hiring someone did not prevent another hack in 2014.

    Be proactive

    Planning ahead is vital, instead of just being reactive. The US National Institute for Standards and Technology Cybersecurity Framework lists five main functions of cybersecurity efforts: Identify vulnerabilities, protect against attacks, detect anyone who gets through, respond to the attack quickly and recover after the attack has been stopped.

    Some companies are already receiving advice that following the NIST guidelines can reduce legal liability if cybersecurity problems arise or are discovered. Companies can also work with colleges and universities to create cybersecurity clinics, or even consider buying cyber risk insurance.

    There’s no way to avoid being the target of a cyberattack, but that doesn’t mean becoming a victim. Simple steps can have huge results: The Australian government reported resisting 85% of cyberattacks by taking three basic steps: restricting which programs can run on government computers, keeping software updated regularly and minimising the number of people who have administrative control over networks and key machines.

    Cybersecurity doesn’t have to be rocket science; it’s just computer science. The Conversation

    • Scott Shackelford is associate professor of business law and ethics; director, Ostrom workshop programme on cybersecurity and Internet governance; and cybersecurity programme chair, IU-Bloomington, Indiana University
    • This article was originally published on The Conversation


    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleProsecutors zero in on Samsung bribery claims
    Next Article Inflation falls to six-month low

    Related Posts

    South Africa begins complex job of overhauling media laws

    13 July 2025

    Nvidia CEO to hold high stakes media briefing in Beijing

    13 July 2025

    Blue Label Telecoms to change its name as restructuring gathers pace

    11 July 2025
    Company News

    $125-trillion traded: Binance redefines global finance in just eight years

    11 July 2025

    NEC XON welcomes HPE acquisition of Juniper Networks

    11 July 2025

    LTE Cat 1 vs Cat 1 bis – what’s the difference?

    11 July 2025
    Opinion

    In defence of equity alternatives for BEE

    30 June 2025

    E-commerce in ICT distribution: enabler or disruptor?

    30 June 2025

    South Africa pioneered drone laws a decade ago – now it must catch up

    17 June 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.