From today, businesses are legally required to report ransomware payments.

If someone extorts payment from you by locking up your data, you now have 72 hours to tell the Government – or potentially face disciplinary action.

The rule change will apply to businesses with an annual turnover of $3 million or more; you’ll also be obligated to pay if you’re responsible for a “critical infrastructure asset” (under Part 2B of the 2018 SOCI Act). Non-monetary payments (e.g. services, gifts, or information) will also need to be reported.

Note that this change doesn’t mean you have to report every ransomware attack – just instances where a payment was made. You might still need to report under existing obligations, but small businesses are generally exempt from these.

Small businesses still need to take action

Though the new rules target larger businesses – who are more likely to pay extortioners – that doesn’t mean that small businesses don’t get attacked.

“Small business gets targeted all the time,” said IT consultant and Tech Seek founder Fil Strati.

Strati, who works with small businesses, once had a small dental clinic on his books who lost their files to a ransomware attack. All the files were infected except for the database files for their practice software. The clinic didn’t pay the ransom, and the files weren’t critical, but it was still a memorable lesson.

“[The malware] wasn’t looking for those particular files,” Strati explained. “They were lucky.”

Meanwhile, larger firms have been picking up a shift in targets when it comes to ransomware attacks.

“Our Incident Response team has noticed a shift away from ‘big game hunting’, or ransomware attacks targeting the big end of town, and towards SMEs who are generally less prepared,” said Mark Thomas, Director of Security Services ANZ at Arctic Wolf.

What you need to know

Never pay a ransom. If you do pay up, said Strati, there’s no guarantee you get your data back. And paying can tell a cybercriminal that you’re cashed up, making you vulnerable to retargeting.

Instead, small businesses should have a secure backup system in place, Strati advised.

“A lot of small-business owners will plug in an external hard drive and use that as their backup,” he explained. “But if that drive is connected, when you get infected, it will jump across to that drive as well.”

Beware of using cloud storage – that can also be infected by malware, Strati added.

As for how often you need to backup, that depends on how much data you can afford to lose. If you could lose a month’s worth of data, for instance, then maybe you only need to back up once a month.

If you are targeted – or if you have been targeted before – don’t feel bad. It can be easy to fall for a scam when you’re stressed or busy with running a business.

“It’s designed to catch you when you’re too busy,” said Strati. “We’re so busy doing what we’re doing.”

What can you do to protect yourself?

ISB asked Strati what a small-business owner can reasonably do to protect their business from a ransomware attack. Here are some steps you can take:

• Train your staff to recognise cyber threats.
• Use multi-factor authentication.
• Backup as frequently as you can afford to lose data.
• Physically separate your backups from your computer.
• Consider endpoint protection and response (EDR) software: In the event of an attack, this can help you figure out what data has been breached. Strati encourages businesses who handle sensitive data to consider this option.
• If you’re particularly concerned, consider paying your antivirus service provider for round-the-clock monitoring via a security operation centre, if your provider offers this.
• Never pay a ransom – this could just invite further extortion attempts later.
• Know who to call in the event of an attack – i.e. who owns your domain? Do you have a tech provider for your website?
• Make an emergency plan with contact details and clear steps in case an attack happens to you, so you can attack as quickly and calmly as possible.

The post New ransomware rules for businesses: Are you prepared for an attack? appeared first on Inside Small Business.

In Australia in the financial year 2021-22, 76,000 cybercrimes were reported – that’s one every seven minutes – and a 13 per cent increase on the previous year. The 25,000 calls to the Australian Cyber Security Hotline – or average 69 calls per day – was also a 15 per cent increase from last year. Overall, all sectors of the Australian economy were impacted by ransomware incidents, with the average cost per report increasing by 14 per cent on the previous year.

Cybersecurity is the responsibility of every SME and its personnel, to protect themselves, their client data and the data they work with – especially when there are limited resources. How much would it cost you, your business and your clients if that data fell into the wrong hands?

Solutions don’t have to be over-complicated or expensive:

1. Backup your data. Make a copy of it and store it offline, and offsite. Use a removable hard drive, cloud storage or secure data centre. This will protect you from data loss and ensure you can recover it if it’s stolen or corrupted. This action may involve policy implementation in consideration of endpoints, or the devices that your teams use to do their jobs. The nature of remote work, encryption and testing and retention has seen a rise in the uptake of professional backup services and security to manage the processes.
2. Secure your passwords and implement multi-factor authentication. The critical, fundamental layer to protecting our privacy and data is often the weakest. Bad password choice has contributed to 15.6 million data breaches across major organisations, as reported by Nordpass earlier this year. Installing a password protector and generator, and enabling multi-factor authentication adds another layer of security by asking users for a fingerprint, one-time passwords (OTPs) sent via email or text, or answering security questions.
3. Secure your devices and systems. Keep your software and systems updated via automatic updates; clicking ‘remind me later’ could be too late. The creators of software, apps and systems are always making their platforms more secure to stay ahead of criminals, so this is one of the simplest, most effective things you can do. Install security software that includes anti-virus, anti-spyware and anti-spam filters (and turn them on!) across all devices. Firewalls can also protect your internal network from external internet threats but require regular patching to be effective.
4. Train your staff and put policies in place. How much do your team members know about cybersecurity? Particularly if they are using their own personal equipment for their daily work? They need to be educated, to recognise that it’s their responsibility also, especially if their equipment is a gateway to your business. Policies can reinforce use, expectations around suspicious activity, and recognition of the risks.

If you feel you need more, you can encrypt important information, and monitor the use of business computer equipment and systems through additional software and security solutions.

Unfortunately, cybercrime will continue to increase. A recent survey revealed that SMEs throughout Germany, Singapore, the UK and the USA spent $57 billion on cybersecurity in 2020. Experts expect that to rise to $90 billion in 2025, with managed security services expected to account for 33 per cent of that investment.

The continuing trend of hybrid work will have an ongoing impact on the challenges for SMEs. Even while securing your remote business infrastructure, there is still the need to build the awareness and skills of employees. These are your frontline defence and can be the strongest link when it comes to cybersecurity for your business.

The post One cyber attack can ruin your small business – here’s how to take on scammers in 2023 appeared first on Inside Small Business.

It’s easy to believe these attacks only happen to massive enterprises, but smaller companies are also targets. The Australian Cyber Security Centre (ACSC) reported an annual increase of almost 13 per cent in cybercrime in its annual report (67,500 incidents), which is one cyber-attack every eight minutes, costing business more than $33 billion.  

According to ACSC, no sector was immune. Companies navigating work-from-home arrangements are especially susceptible to remote access malicious activity, and COVID-19-themed malicious cyber activity was trending last year. 

Two of the most common cybercrimes impacting businesses, especially SMEs, were: 

• Ransomware attacks (up 15 per cent) can cripple organisations, particularly smaller businesses when hackers encrypt devices and files and don’t allow companies access until a ransom is paid.
• Business Email Compromise (BEC), which cost the economy $81 million (an increase of 54 per cent). Criminals will impersonate recipients using spoof email accounts, update payment details and send out fake invoices. 

The Federal Government has since tightened regulations for telcos to enable them to share customer data with financial institutions when required to prevent or respond to cyber security incidents and then must be destroyed. Large companies are already facing compliance and reporting requirements alongside employing Chief Cyber Security Officers (CCSOs). It’s not unusual to spend over $50 million protecting their data, but as seen this month with Optus, Uber, Telstra and Rockstar Games, it doesn’t always work.

Small businesses don’t have the same resources to protect themselves. It requires more than anti-virus software, and with the leading cause of breaches being human error, it’s increasingly likely companies will become a statistic.

If your business is insured, you might think you’re covered for loss, but insurers are tightening their policies, and expect companies will have a solid level of data protection or they won’t pay out. The losses are enormous including financial loss and reputational damage, which can destroy a small business.

There are some actions small businesses can take to mitigate the risk of cyber-attacks on their own, but to enhance security, it is worth investing in a cyber security consultant:

#1: Prevention

Set up your edge devices (firewalls, servers, wireless router connections, etc.) with software that recognises specific cyberattacks and blocks them out. It is useful to protect information constantly being updated or changed. While some good DIY tools are available to, a cyber security consultant knows how to stop cyberattacks before they start.

#2: Detection

Once your preventative measures are in place and you start blocking any incoming attacks from the outside, you may feel invincible. However, employees could unwittingly invite malware or a bug into your network when they access a site that is not trusted. A cybersecurity company can detect the breach and isolate the attack, so it doesn’t spread. This is where the experts pay for themselves – they can detect a breach instantly. 

#3: Reaction

After an attack is discovered, you (or your cyber expert) must stop the attack. Once detected and isolated, a cybersecurity company that uses MEDR solutions will have a report that details the type of attack and what the best solution is going to be. Without experts working out the problem for you, you risk falling victim to a cyberattack. If ‘reaction’ is your first step, you’re already losing.

Cyber attacks represent more than just inconvenience to an SME. They can bring it to its knees, and destroy your reputation to such an extent business continuity is impossible. Investing in cybersecurity should be a must-have for small business.

The post Why cybersecurity should be a priority for all companies – especially SMEs appeared first on Inside Small Business.

Small businesses are some of the most at-risk organisations in Australia, making up 43 per cent of attacks that cost $300 million in 2021. 

While there are many things you can do to prevent cybercrime infiltrating your business, hackers are becoming more ambitious in their attempts.

From ransomware attacks that occur every 11 seconds to phishing, malware, remote access scams, and brute force attacks – can you be sure to fully mitigate the risk to your small business?  

But it’s not going to happen to you, right? You only hear about that in the news and no small business you know has been a victim of an attack. 

What the following examples will show is that it can happen to small Australian businesses like yours, and it’s crucial to have Cyber Liability insurance if you want to remain in business.

1. A hairy situation 

An Aussie hairdressing small business had their phone system connected through the Internet. When a hacker gained access to the system, they made unauthorised calls to a premium number for over a month. After a while, the small-business owner received their phone bill – $30,000 of unauthorised calls. 

Luckily, the small-business owner had a Cyber Liability policy, with the optional Social Engineering cover. This triggered the policy, and the bill was covered by the insurer. 

2. Insider IT sabotage 

A disgruntled employee of a mining business used malicious software to corrupt the business’s server. Files containing personal information including credit card information had been accessed. As a result, fraudulent credit card transactions were made in numerous locations around Australia.

A total of $1 million was paid for setting up a call centre to respond to enquiries, credit monitoring services for affected individuals, data restoration costs, together with legal fees incurred in reporting requirements to regulatory authorities.

Don’t wait any longer

At the end of the day, these are good news stories. An attack happened and they remained in business due to having the right safeguards in place. But imagine how the story might’ve ended if they hadn’t sorted out their Cyber Liability insurance? 

Don’t wait any longer. While there are many perks to being your own boss, protecting your business from cybercrime can get quite dramatic. Luckily with BizCover, sorting out your Cyber Liability insurance doesn’t have to be.  Visit bizcover.com.au to compare quotes or give us a call today – no dramas!  

*This information is general only and does not take into account your objectives, financial situation or needs. It should not be relied upon as advice. As with any insurance, cover will be subject to the terms, conditions and exclusions contained in the policy wording.  The provision of the claims examples are for illustrative purposes only and should not be seen as an indication as to how any potential claim will be assessed or accepted. Coverage for claims on the policy will be determined by the insurer, not BizCover.

© 2022 BizCover Pty Limited, all rights reserved. ABN 68 127 707 975; AFSL 501769 

The post Is your small business protected from cybercrime? appeared first on Inside Small Business.

For example, enthusiastic new starters can share an image on their first day, eager to get stuck in and promote their new position, but this could feature some confidential information for hackers to jump on. And it’s not just the new starters, senior staff are also vulnerable to exposing information or sharing damaging links.

The risks to using social media at work

Phishing attacks, links to spoofed websites, leaked data and compromised passwords are all potential issues associated with social media use.

Unmonitored or naive sharing online can be hacker heaven. For example, social posts can give scammers unique details to make phishing emails more believable. Once information is shared publicly on social media, vulnerability has opened up. Posts can provide clues to user credentials or location information. This can be even more damaging if an employee uses the same password across personal and corporate accounts, turning one success hack into multiple.

In addition to risks of oversharing online, there’s also risks of over-consumption. For example, clicking on suspicious links can bring ransomware into the corporate network, which can cause reputational and financial damage.

Tips for small businesses

To prevent potential attacks from social media use, businesses should have strong social media guidelines for staff and share this as part of their onboarding process, while regularly referring to this in cybersecurity training sessions. The risks of sharing data while emphasising the safety of both employees and the business should be clearly highlighted.

When setting up corporate social media accounts, businesses should ensure they are verified on all platforms, if possible, as this will reduce the risk of spoofed accounts. In the set up, they should ensure multi-factor authentication is turned on and passwords are as strong and secure as possible, with manual sign-in set as default. This will reduce the risk of hackers being able to sign into accounts unnoticed by staff.

Lastly, it’s highly important that corporate accounts are monitored, with a process to revoke access, recover hijacked accounts and block any malicious URLs.

Guidelines for staff

Employees can be a workplace’s biggest risk, with 47 per cent of Australian respondents reporting security naive employees as a concern in Mimecast’s State of Email Security Report, so it’s crucial to have strong guidelines in place for staff to follow. This is particularly important for social media as the line is blurred between personal and professional use.

Guidelines should be clear, concise and easy to digest for all employees. This should include:

• Clear ruling around what can and cannot be shared on both corporate and professional accounts.
• Examples of general scams and suspicious links for employees to be cautious of, as well as a list of trusted apps.
• Background into why it’s important to be cautious, once something is in public it can be hard to remove.
• A contact list/clear process for staff to report any security concerns.
• Tips on less obvious risks, including sharing images with confidential information in the background or location information, and filling out forms/quizzes online providing hackers with golden information.

All policies should be supported by consistent training to strengthen the messages and ensure they are routinely practiced. Social media use is increasing, and so are the risks.

Clear guidelines and effective training will help ensure businesses are limiting their risk to cyberattacks, while enjoying the benefits social media can bring to a business.

The post Why small businesses need to reconsider their social media posts appeared first on Inside Small Business.

In the wake of these attacks, 25 per cent of SMEs lost data, 17 per cent had to shut operations until the issue was fixed, and eight per cent had to pay ransom to end the attack.

Phishing (30 per cent) was found to be the most common type of cyber attack, followed by malware attacks (21 per cent) according to the research.

“Our research shows that preparing for and mitigating cyber attacks is a key priority for business owners, with almost two-thirds planning to invest in cyber security measures in the next 12 months,” Richard Johnson, Westpac’s Group Chief Information Security Officer, said. “Almost 90 per cent of small-business owners in Australia admit they could do more to educate themselves about cyber attacks, which is why we are launching this playbook, to help them be better prepared to manage one if it occurs.

“In the 2020-21 financial year, cyber attacks accounted for $33 billion in self-reported losses nationwide,”Johnson added. “Unfortunately, we are seeing a further rise in these attacks, as online businesses boom and more employees continue to work from home separated from the office systems built by employers to counter cyber attacks.”

The research noted that 62 per cent of small and medium-sized businesses will invest in cyber security measures in the next 12 months, while 41 per cent said they have a cyber attack response plan in place.

In the wake of the findings, Westpac launched its Cyber Response Playbook which is aimed to help businesses manage a cyber attack.

“A cyber response plan is crucial for hitting the ground running if there is a cyber incident,” Derek Bopping, First Assistant Director-General, Cyber, Engagement and Strategy Divison, Australian Cyber Security Centre, said. “Too often, we see small- and medium-sized businesses lose days and weeks to cyber attacks, simply because they are not prepared and don’t know how to handle an attack. As threats continue to rise we encourage every business to spend time planning for a potential attack.”

The post Research reveals extent of SMEs’ vulnerability to cyberattacks appeared first on Inside Small Business.

However, according to the latest Sophos State of Ransomware Report, 80 per cent of all mid-sized organisations in Australia were hit by ransomware in 2021, up from 45 per cent in 2020. By comparison, 66 per cent of all global respondents experienced a ransomware attack in 2021.

Still, many SMEs continue to take an “it won’t happen to us” approach and fail to comprehend the risks and implications of ransomware. This mentality needs to stop, as the days of cybercriminals exclusively targeting large organisations are long gone.

Unlike attacks on larger enterprises, individual attacks on SMEs won’t bring huge paydays for criminals in isolation. However, in recent years, threat actors have been launching attack campaigns on a range of smaller victims with weak defences over a short period of time, turning substantial profits through sheer volume.

Why?

Cybercriminals are now putting focus on small businesses that don’t have adequate cybersecurity controls in place to identify, stop or recover from attacks. Many small businesses are incredibly vulnerable, and lucrative as they’re seen as ‘easy wins’ for cybercriminals. Unfortunately, 60 per cent of small businesses that suffer a cyber attack go out of business within six months of an incident. So, why are small businesses so lucrative? It’s all about making as little noise as possible.

Authorities across the globe have ramped up defences against high-profile attacks; Australia appointed its first ever Federal Minister for Cyber Security, and the FBI has tracked down global ransomware gangs, like REvil in recent months. REvil gained notoriety following the Colonial Pipeline attack which caused widespread gas shortages in the U.S. in 2021. Authorities forced the gang offline in 2021 through a multi-country operation.

With new laws giving federal police clear legal authority to investigate and prosecute gangs internationally, this spells good news for cybersecurity as a whole in Australia, however attacks on smaller businesses may still fly under the radar.

What’s next?

Government funding has increased in response to the growing threat of ransomware attacks in Australia, and while much focus has been placed on critical infrastructure and public sector security, the government provides a range of guides and frameworks to help SMEs. These include the Essential Eight, the Small Business Cyber Security Guide, and tips on how to backup and restore files.

As the ransomware challenge facing Australian SMEs continues to grow, optimising cybersecurity is imperative for all organisations. Here are five tips to tighten your security:

• Ensure high-quality defences at all points in your environment. Review your security controls and make sure they continue to meet your needs.
• Proactively hunt for threats so you can stop adversaries before they can execute their attack, if you don’t have the time or skills in-houseer, outsource to a Managed Threat Response specialist.
• Harden your environment by searching for and closing security gaps: unpatched devices, unprotected machines, open RDP ports, etc. Extended Detection and Response (XDR) is ideal for this purpose.
• Prepare for the worst. Know what to do if a cyber incident occurs and who you need to contact and notify.
• Make backups, and practice restoring from them. Your goal is to get back up and running quickly, with minimum disruption.

The post Ransomware exposed – why SMEs have a target on their backs appeared first on Inside Small Business.

The Australian Cyber Security Centre (ACSC) received more than 67,500 cybercrime reports during 2020-21, up nearly 13 per cent from the previous financial year, largely driven by more online engagement and increased use of connected devices due to pandemic-driven remote working and adoption of cloud-based solutions. 

According to the ACSC, small businesses reported more cybercrime than in the previous financial year and medium-sized businesses had the highest average financial loss per attack. BlackBerry’s 2022 Threat Report also found SMEs suffered about 13 threats per device, far more than larger enterprises.

Understanding cybercriminals

Cybercriminals can be clumsy, leaving behind playbook text files containing IP addresses, according to BlackBerry’s 2022 Threat Report. This suggests while the ransomware may be sophisticated, it’s being sold to common cybercriminals. Malware tools such as backdoors, infostealers and even ransomware used to take down the US Colonial Pipeline are being sold to anyone on the dark web.

To add to this, rising use of digital channels has brought old tactics such as phishing and watering hole attacks back into fashion, predominantly due to their ability to scale. These tried-and-true tactics will be continually used as we see innovations like augmented reality and the metaverse develop and enter the mainstream market. 

While SMEs with remote workers are struggling to secure countless unmanaged employee devices, some groups are exploiting personal devices used for work-related tasks like checking email and accessing documents. Others engage in massive phishing campaigns to fool people into clicking on an SMS link, scanning a ‘bad’ QR code or posing as legitimate software installation.

Leveraging shared cybersecurity resources

Many SMEs rely on legacy antivirus software and infrastructure which can’t scale to combat the cybercriminals’ sophisticated methods.  They also struggle to find skilled cybersecurity people to manage it. Governments and leading cyber organisations, however, have taken positive steps to help. The Five Eyes guidance, the Global Cybersecurity Alliance (GCA) and the Australian Cyber Collaboration Centre (A3C) have announced a range of free tools and services to help companies stay safe online. There are also Australian government tax incentives available to small businesses for digital software investment and skills and training.

Many enterprise security teams are challenged by increasingly sophisticated attackers moving at speed across larger attack surfaces. So, what about those companies that have one or two IT employees (if any) trying to do it all?

This is where subscribing to a managed Extended Detection and Response (XDR) service can arm SMEs with enterprise-grade skills and protection at a fraction of the cost, thanks to a shared service model. Using Artificial intelligence (AI) cybersecurity tools as a force multiplier, XDR gathers enriched threat intelligence across the entire attack surface, contextualised to improve human and automated response actions. A cybersecurity analyst will lose valuable time sifting through alerts, whereas a managed XDR service provides automated 24/7 threat monitoring and a team of experienced technical experts. This significantly eases the stress-levels and burden on management and internal staff, giving them time back to focus on other important tasks.

Given the volatility of the current threat landscape, tools and support that take the pressure off stretched security teams are essential. A prevention-first model, leveraging AI and shared services like XDR, will not only protect data and endpoints, but will help SMEs save time and money. By creating these new efficiencies, management may then have some breathing room to train and upskill existing staff, reduce stress and improve the workplace culture. Happy staff, happy customers!

The post The cybersecurity share economy: how to help SMEs most at risk appeared first on Inside Small Business.

According to OpenText Security Solutions’ 2022 BrightCloud Threat Report, 82 per cent of ransomware attacks in 2021 targeted businesses with less than 1000 employees. An additional 44 per cent of attacks targeted businesses with 100 employees or less.

Simply put, SMEs are often the prime target for ransomware attacks. To better understand why SMEs are so appealing to cybercriminals, we must unravel the misconceptions of ransomware and reframe how we think of cyberattacks.

The misconceptions of ransomware

It’s easy to focus solely on a dollar amount; take Kaseya for example. Once cybercriminals encrypted enough of the business’s information, they held the data for $70 million ransom. While a staggering amount, the price tag skyrockets the average ransomware costs. It creates a false sense of security among SMEs that they won’t be targeted simply because they are too small. The BrightCloud Threat Report revealed the average ransomware payment increased in 2021 to $322,168. This is far less than the multimillion-dollar ransomware costs that dominate headline news.

SMEs are a sweet spot for hackers to exploit because they often lack cybersecurity resources, both technology and security expertise. SMEs require significantly less effort to breach than large enterprises, therefore are perceived ‘low-hanging fruit’ for cybercriminals looking to widen their net.

Another misconception is that cybercriminals are tech-savvy behind a keyboard. While this may have been the case once, it no longer applies today. An increasingly popular business model among malicious actors is “Ransomware as a Service” (RaaS). Using RaaS, aspiring cybercriminals can acquire fully operational ransomware without any coding. If an attack is successful and a ransom is paid, the RaaS cybergangs take a 30 per cent cut of the payout. 

Reframing how SMEs think about ransomware and putting policies and technology in place to better protect themselves is critical to avoid falling victim to a ransomware attack.

Reframing ransomware

Creating cyber resilience requires strong multi-layered security and data protection policies to prevent, respond and quickly recover from threats. While this may sound difficult and costly, there are a few simple steps that SMEs can take to limit the scope of successful attacks.

Ransomware attacks increased when employees started to work from home due to government mandates and lockdowns. Locking down Remote Desktop Protocols (RDP) is a quick way to get started on the path to cyber resilience. Trends over the past year have shown that open RDP ports are the most common entry point for data breaches among small businesses because of their simplicity. SMEs must ensure their remote collaboration technologies are always secure.

If systems or data have been comprised, the ability to stop lateral movement is key to quickly recovering from cyberattacks. Having a strong backup and disaster recovery plan, supported by technology, for critical files can undermine the leverage cybercriminals have against a business and allows for less disruption to business continuity.

Virus protection software and security awareness training are other steps SMEs can take to better protect themselves from a ransomware attack. Security training can’t be a “one and done” deal; it needs to be continuous and delivered in a way that employees find engaging so that they understand and follow it.

No business, regardless of size, is safe from cybercriminals. Putting policies and technology in place to minimize the effectiveness of potential ransomware attacks is essential. And as new threats emerge and evolve, so must security awareness training. Keeping users up to date on the latest scams and attacks will help transform employees from a weakness into the first line of defence.

The post Why we forget SMEs are major targets for ransomware appeared first on Inside Small Business.

Naivety plagues SMEs

Despite this mutating prevalence of ransomware attacks, SMEs are not adhering to the warnings of managed service providers (MSPs) and cybersecurity providers. A widespread belief by some businesses is they are too small or insignificant for a ransomware hacker to target, however, this is far from the truth. SMEs are twice as likely to be victims of ransomware attacks, making the need to focus on cyber security imperative. A business’ reduced efforts towards its cybersecurity, presents an easier pathway for hackers to execute a successful ransomware attack.

The misplaced confidence in a business’ stature births extreme vulnerabilities and consequences to ransomware attacks, as the lacklustre attention to its cybersecurity is easily exploited. The new threat landscape eliminates businesses’ luxury of only investing in cyber protection. Ransomware should be considered with the highest of threats, as hackers have the opportunity to access and manipulate a business’ data, whilst the downtime leaks money from the SME’s pockets. Businesses should not just fixate on cyber protection but employ a holistic cyber resilience plan to introduce business continuity.

A shift from cyber protection to cyber resilience

Cyber protection is an integral part to a business’ security, but it shouldn’t be the only component. Reliance purely on protection software and technology can’t compete against the resurfacing complex attacks. SMEs will become stuck in a game of ransomware-wack-a-mole, which they cannot win. Instead, SMEs should put focus on not only prevention but also its detection response and recovery capabilities.  SMEs need to shift to cyber resilience to mitigate the effects of triumphant attacks and reduce their downtime. SMEs will struggle to manage and recover from a ransomware attack whilst simultaneously attempting to operate a breached business without a business continuity plan in place. This is what builds cyber resilience.

How SMEs can implement cyber resilience

Cyber resilience requires a more proactive and consistent approach from SMEs. This includes:

• Practice good system maintenance. It is vital SMEs regularly scan and test their cyber security. Although a successful ransomware attack will always induce a negative outcome, if SMEs can recognise vulnerabilities before they develop, it will alleviate damages to the business. An internal plan should be assembled with delegated responsibilities across senior leadership to ensure the business’ cybersecurity is optimal against ransomware. Using multi-factor authentication and completing daily back-ups also leads to a healthy infrastructure.
• Educate and assess for the future. SMEs’ naivety stems from the lack of awareness and education on ransomware threats. Businesses need to understand and assess the current threat landscape, recognising what threats to look out for whilst also identifying internal weak points. Shifting focus to cyber resilience means planning for recovery, so SMEs need to compose an incident response strategy, which contains specific directions for specific scenarios of attacks, avoiding further damages, reducing recovery time and mitigating cybersecurity risk.
• Don’t make it a later agenda. Ransomware will only increase in severity as hackers’ attacks become more complex. It should be an urgency for SMEs to shift their focus to adopting a cyber-resilient approach that establishes business continuity. No business is too small for ransomware.

Regardless of size, businesses can no longer believe they aren’t relevant enough for cybercriminals to attack. SMEs need to understand the dangers of the current threat landscape and implement comprehensive business continuity plans and build cyber resilience to prepare for the growing threats of ransomware.

The post Why SMEs should be shifting away from cyber protection and focusing on cyber resilience appeared first on Inside Small Business.