The 6 things family and privately owned businesses need to know about Cyber Security

NATIONAL

MGA TMA members businesses are constantly at risk of being breached by a cyber-attack. It is awful when it happens as it creates unprecedented chaos within a supermarket environment. A store operator loses complete control over the most basic IT applications that are used in the day-to-day operation of a grocery store and supermarket. Members please be warned a cyber-attack will cripple your business – vital point of sale systems, data bases and customer information are at risk if you do not take the appropriate precautions to protect your IT systems and software.

Entrepreneurs and SMBs can do a lot to build strong shields and mitigate the risk of breaches, in addition to minimising the damage if a breach occurs. To help your business develop a stronger cybersecurity posture, six security professionals provided some of their most useful advice – and you can bet it is about more than passwords.

Many entrepreneurs, start-up founders and small business owners might think of themselves as minnows compared to Fortune 500 whales. They assume they are too small to attract the attention of hackers and cyber attackers. But that is not how bad actors see it.

“Do not think you are too small to be affected,” says Erik Knight, the founder and CEO of SimpleWAN. “Every place you have an employee or office is a potential entry point. Take it seriously; if you have something worth taking, a hacker will try to take it.”

Knight says small businesses are easier targets because they often fail to perform security audits, put in the resources to protect themselves or even carry the right insurance coverage. Hackers see small businesses as easy cases to crack.

Vats Srivatsan, the President and Chief Operating Officer of ColorTokens, warns against thinking of security as a nice-to-have. Security is something that requires 100% investment and effort, not something that can be approached halfway. The truth is that the effects of an attack can be disastrous to any company’s bottom line.

Cybersecurity attacks can result in monetary loss, stolen IPs and downtime. “If a small business were to have a data breach, it could create a lack of trust among customers and employees, causing them to switch to a more prominent brand name they think can do a better job protecting them,”

Srivatsan says. A recent survey showed that 37% of small businesses have lost customers and 17% have lost revenue due to downtime, proving that security should be considered a business problem.

With the growing rate of data breaches, phishing schemes and other cyberattacks emerging from the coronavirus pandemic, members can no longer keep their heads buried in the sand. “It is not a question of if you will have an issue, but when,” says Thomas Supercinski, the Head of Product Development at Frogslayer.

Assume your business will suffer a cyberattack and remember that the detection and response are just as important as prevention efforts. Supercinski says it is vital to outline

NATIONAL

how your business will handle security issues once they occur. He says, “Just like anything else, make a plan to address risks, and then work the plan.” That plan should address how quickly your company can detect the issue, the layers of control to minimise the effects and proactive measures to manage your response.

Taking a 100% cybersecurity approach might feel overwhelming to MGA TMA Members and SMB owners, especially because many owners don’t count cybersecurity as a core competency. Tony Buffomante, Senior Vice President and Global Head of Cyber Risk Services at Wipro Ltd., suggests where to start: “Identify your most critical data assets, sometimes referred to as the ‘crown jewels’ of the organisation.”

These crown jewels might be your point-of-sale system, proprietary IP, market share, customer data or other assets.

“Once you determine what is most important to you, perform an exercise to determine where this information is residing in your business,” Buffomante suggests. Then, build a keep around those assets.

You might already have a good starting place. Buffomante says you might be able to lean on embedded security capabilities on the technologies and platforms your company already uses.

During the mass exodus out of offices and businesses and into remote work, many companies learned that endpoint users (their employees) can often be the weakest links in a cyber defence strategy. Hackers will look for entry points in employee IoT devices and unsecured home networks.

Yet it is not all bad news: People can also be some of the biggest assets when it comes to cybersecurity. Rishi Malik, the founder of Backstop.it, suggests identifying those weak points, providing extra security measures there and educating employees about the risks. “Phishing is your biggest risk, so ensure everyone is using multi-factor authentication (MFA) everywhere,” Malik says.

“Then ensure you’re running a virus/malware scan on each computer. Finally, ensure you have backups of all your data nightly.” Malik also suggests “finding the right people” when it comes to cybersecurity partners. He says, “If you can’t talk deeply about your business and how you make money with a security professional, keep looking.” With educated, comfortable employees and the right partners, your company will be much more resilient to cyber-attacks.

MGA TMA member’s culture around security extends beyond its digital footprint. After all, stolen devices have accounted for some of the biggest data breaches and IP theft.

In the healthcare industry alone for example, 68% of data breaches were due to the loss or theft of devices or files. Clay Gervais, the vice president of sales for smart lock company Digilock, says it is important to build a sense of belonging and safety, even as the workplace becomes more agile and perhaps less physical.

It is important to properly secure connected devices and other items.

Workers who decide to hot desk or hotel will need protected places to store their belongings. “From installation to user access, personal storage security should be simple and robust,” Gervais says. That way, your employees will feel more empowered and confident in the workplace’s security overall.

In response to the coronavirus pandemic, MGA TMA member’s businesses and consumers alike have been thinking about what safety means to them.

Security is a major investment for all family and small businesses, and it remains critically important as breaches, phishing and other attacks continue to crawl upward in frequency.

Uphold the commitment to safety by protecting your company’s crown jewel assets, your employee’s information, and your customer’s data – beyond updating your passwords.

Quantum Finance Brokers / Forbes

MGA’s trusted partners are here to help. • Adroit Insurance Risk Advisor - contact 1300 MY ADROIT • GPK Group in Brisbane 1300 000 475