The echo chamber of doom around Australian SMBs susceptibility to cybercrime is a recipe for cyberfatigue – and tinnitus – if you give it too much attention. That’s not to discount the essence of the message, however. The Australian Small Business and Family Enterprise Ombudsman acknowledges that small businesses in Australia are indeed the targets of about half the cybercrime that’s perpetrated.
There are two ways SMBs can look at the immensity of the cybersecurity threat landscape. They can succumb to it by way of cyberfatigue or they can use it as a trigger to intensify their cyber resilience.
The following five steps are important ones you can take on the road from cyberfatigue and towards cyber resilience.
Create a cybersecurity plan
If your small business presently has no cybersecurity plan, the good news is that things can certainly get better. Cybersecurity plans vary in complexity and magnitude but even a basic one as a starting point can put into perspective the action you need to take to strengthen your cyber resilience.
Typical goals to set revolve around identifying the company assets you wish to protect, compliance obligations and showing clients you take data protection seriously. You also need to evaluate the biggest threats to your business and determine how each of your employees are going to be involved in protecting the company against these threats. Your plan of action will be stronger if you ensure all employees are aware of it and understand its importance.
Modernise your technology
Legacy technology, at its worst, isn’t just crusty – it can be toxic for SMBs trying to stay vigilant against advancing cyber threats. Modern cybersecurity today features technological advances in areas such as artificial intelligence, machine learning, user behaviour analysis and blockchain. Cloud security platforms such as Cisco Umbrella at the forefront of cybersecurity modernisation.
Umbrella’s layered defence, for example, enables SMBs to protect their users from cyber threats anywhere they access the internet. This technology offers small business owners intelligence to identify current and imminent threats, a birds-eye view of activity across all devices and ports and a shield to protect employees from phishing, malware and ransomware.
If you’re still in the world of hardware installations and manual software updates, cloud-based security solutions are one way to strengthen your cyber resilience without causing cyberfatigue.
Review your strategy
It’s a big step to have a cyber strategy but it should be regularly reviewed too. Some of the measures of your strategy’s effectiveness might be around cyber threat detection times, threat response times and the efficiency of recovery processes in the instance of an attack. This information is all valuable evidence you’re complying with laws and regulations and keeping your customers’ data safe.
It’s definitely a good idea to know how you’ll address your customers, stakeholders and legal issues if your business ever is hit big by a cyber attack. It’s also important to know that statistics in the last few years indicate more than half of Australian small businesses who are hit by a cyber attack don’t survive more than six months.
If you sustain an attack, your incident response plan should outline your employees’ key roles and responsibilities, key tools you’ll need to respond, the authorities to alert, public relations management and the post-incident reviewing and reporting you’ll need to undertake.
Cyber liability insurance
Cyber liability insurance covers businesses for expenses and legal costs they incur when they’re subject to a data breach. Cyber liability insurance is obviously a blessing for SMB’s in extremely adverse circumstances but your investment in it is something to weigh up against the threats you identify your business is facing. Authorised insurance companies are listed on the Australian Prudential Regulatory Authority’s (APRA’s) register of general insurers and an insurance policy can be well worth it for the right small business.
All these factors are integral considerations in adopting a layered approach to cyber resilience. That approach, too, can ultimately prove the difference between your business’s success or failure, so it’s essential to give it due attention.
Discover how your small business can be better protected from cybersecurity threats. Sign up for a free trial of Cisco Umbrella.