Safer Internet Day was recently celebrated around the world, highlighting the need for consumers and small to medium enterprises (SMEs) to take the time to ensure that they are managing their cyber risks correctly.
This according to Santho Mohapeloa, Digital Distribution Specialist at SHA Specialist Underwriters, who says that the cyber risks faced by SMEs increase every year. “According to a global Cybercrime Survey Report for 2017 by KPMG¹, approximately 43% of organisations indicated that they have experienced ransomware attacks in the past year.”
According to Mohapeloa, it is therefore becoming increasingly important for SMEs to learn how to protect themselves against cybercrime to the best of their abilities. In line with this year’s Safer Internet Day slogan of “create, connect and share respect”, he provides the following cyber risk management tips.
- STAFF TRAINING INTIATIVES
Mohapeloa says that employee negligence is one of the leading causes of cyber-attacks. “Well-informed staff members already significantly reduce the risk of loss to the company. SMEs should introduce cyber awareness training programmes that illustrate and highlight the dangers of the internet. This should include the current topics and trends, such as the dangers of phishing, malware and ransomware attacks.”
- PORTABLE COMPUTING DEVICES
He stresses that SMEs must also ensure that company owned devices such as laptops, smartphones, iPads and tablets are protected by the same enterprise-grade security systems. “Company devices should be encrypted in such a way that only authorised parties can access the device. It is also important to set up a remote wipe function in the event that the device is lost or stolen. Lastly all these devices should have strong, unique passwords that are frequently changed.”
- MONITORING SYSTEMS
Every business has to follow stringent security monitoring systems and procedures to mitigate the risk of targeted cyber-attacks, Mohapeloa adds. “Endpoint monitoring, security event log monitoring, compliance monitoring, network and traffic monitoring, device management, email and web monitoring are just some of the key systems that SMEs should have in place. This can be offered by reputable IT companies.”
- PUBLIC WI-FI SPOTS
Lastly, Mohapeloa says that employees should also take responsibility for their cyber risks. He says that SMEs should educate their employees to be wary of free public Wi-Fi hot spots, especially when using the public network to log onto work systems. He explains that public Wi-Fi hotspots are popular places for cyber-attacks to occur and they can potentially provide a hacker with unfettered access to unsecured devices on the same network.
“One of the most common ways that hackers gain access is with so-called man-in the-middle attacks (MITM). This is when the attacker secretly relays and possibly alters communication between two parties. This is why it is vital for individuals who conduct financial or business transactions from coffee shops and restaurants to think twice before they log on to any public Wi-Fi networks.”
The opportunities presented by the internet are myriad for SMEs and consumers alike, but Mohapeloa stresses that safeguarding against cyber threats is paramount. “It is important that companies and employees cultivate safe internet habits in order to be able to grow their businesses, manage their finances and be more productive.” Mohapeloa concludes.