5 Ways to Do More with Less & Boost Cybersecurity for Your SMB

Can you believe it's already October? Lots of working parents out there just like me, will be starting to think about spooky, fun activities for the kids and pumpkin themed decorations for Halloween at the end of the month. But these few weeks each year are also a time for reminding ourselves about some of the more legitimately scary things out there, waiting go bump in the night, because it's Cybersecurity Awareness Month.?

At Microsoft, my team and I are responsible for engaging the UK's small and medium business community, so we hear first-hand what a challenge cybersecurity can be for SMBs, all year round. Our research shows 1 in 4 SMBs experienced a cyberattack in the past year, and a report from the from Department for Digital, Culture, Media & Sport earlier this year found cyber-attacks are becoming more frequent - with organisations reporting more breaches over the last 12 months. It's also worth noting that average total financial cost of a data breach for an SMB, was estimated to be $105,000 in 2021.???

How we work has also changed so much in recent years, and the shift to hybrid has coincided with the higher threat level from criminals. More staff - many of whom used to be purely office-based – are now operating from multiple locations and using a range of personal devices for different types of work. Which means the number of potential vulnerabilities SMBs must mitigate has increased significantly.???

That said - the UK's SMBs are more than capable of dealing with these challenges, and with the right tools and the right partners have good opportunities to bring down the cost and complexity of running a business, get more value out of the technology they are paying for, and ultimately - do more with less.???

So here are five ways an SMB owner, manager or IT decision maker can boost security and confidence, just when their organisation might need it the most.

1. Prevent breaches and reduce costs??

Despite the security challenges of having employees accessing systems from multiple locations, connections, and devices - because just like your home, it only takes one unlocked door or window for criminal to break in, - we mustn't lose sight of the benefits hybrid work delivers. Managing the school run, fitting in exercise, getting a couple of hours of focused hours work done first thing – it's all a little easier for staff if they can work flexibly.?????

Making hybrid work, work - is worth it, but SMBs need help achieving this, because enabling seamless productivity requires multiple capabilities - meetings, chat, phone, scheduling, project management, cloud storage, analytics, automation, and yes, security. The license fees for all these different solutions can quickly add up, as well as the complexity of adding, deploying, and managing each solution separately.??

However - there are ways SMBs can become more secure, productive, and still spend less on technology.??

Microsoft 365 is a complete solution with all the premium tools staff need, and because it's available from a single vendor at a great price, can bring down small businesses' costs significantly, by consolidating all their licenses and apps. This can save as much as 50% compared to paying for multiple separate point solutions, which is the kind of support small businesses need in such a high inflation environment. As well as the budget savings from not having to travel as often or rent as much office space.?

2. Free up time and energy with automated, end-to-end defences?

For SMBs today, it's a case of when, not if, they will have to deal with a cyberattack. But neither small business leaders or their staff can be expected to stay alert around the clock, when they've already got their hands full motivating teams, taking care of customers, and seeking out new opportunities to grow.??

So, by automating their defences, SMBs can lighten their load. Microsoft Defender for Business - which is included in Microsoft 365, but also available as a standalone solution - is a cloud-connected, AI-powered service that automatically monitors systems 24/7. It gives business leaders more time and space to think, by increasing their security confidence - knowing they will be alerted in real time to any trending or serious threats. What's more, routine threats are also investigated, responded to, and resolved automatically, preventing the headache of being alerted to every single low-priority security issue.?

Now, Defender for Business will go even further beyond traditional antivirus security, by offering automated endpoint and cloud protection, enabling SMBs to onboard devices running Windows Server or Linux Server into Microsoft 365. This means enterprise-grade protection in an easy-to-use and cost-effective package, including onboarding, configuration, and security for Windows, iOS, Android, and MacOS devices.?

3. Get proactive to block phishing attempts?

Phishing is a growing challenge for businesses of all sizes, including SMBs: Fake emails, website and text message scams accounted for 30% of attacks in 2021. The annual online phishing exercise run by Terranova - which uses real-world simulations to establish accurate phishing clickthrough rates and additional benchmarking statistics for companies that choose to participate - found that 19.8% of users clicked the phishing email link, and 14.4% downloaded the fake document.??

Unless staff are helped then, there's a significant chance of SMBs getting hacked.??

We recommend putting a system in place that will check all incoming data to an organisation, on behalf of all users, 24/7. Defender for Business can help here too, as it has proactive protection built-in, with round the clock human and AI analysis of trillions of signals. As well as automatic checking of all URLs, incoming files, and attachments to detect and disable any threats before they can get through and disrupt the business.??

4. Discover where you stand - and what to do next?

Not only are cyber threats more sophisticated than ever before, but they are also always evolving to become even more dangerous. For SMBs who have enough to deal with as it is, this can make it almost impossible to stay ahead of the game. Getting an outside expert to help assess the organisation's current security strengths and weaknesses can make a big difference though, because it helps reveal and prioritise the next right step.??

One brilliant tool I’d recommend is Microsoft Secure Score, which is available in the Microsoft 365 Defender portal. It can provide immediate actionable advice on how SMBs can ramp up security across all their devices, apps, and identity checks. Being able to discover the quickest security wins is a great place to start, and Secure Score will also provide a clear checklist of actions, for upgrading and maintain a business's defence for the long haul.??

5. Keep training your team to futureproof SMB security??

Whatever the strengths, weaknesses and immediate actions needed for an SMB's current security setup, educating staff is always going to be a good idea. The recent SANS 2022 Security Awareness Report warned that people have now become the primary attack vector for cyber attackers around the world, which is to say that humans rather than technology now represent the greatest risk to organisations. This means that security training and awareness programs for all SMB staff, not just IT professionals, are essential for managing risk.??

One resource I'd recommend is this LinkedIn learning course: Cybersecurity for Small and Medium Businesses: Essential Training. It's an excellent, free programme that, in just 1 hour and 45 minutes, can help support business owners and their staff by providing the foundational knowledge they need to secure their data and online accounts. Using the NIST Cybersecurity Framework - an international standard created by the National Institute of Standards and Technology - it shares a five-step process to better secure a business.?

Once staff are trained, the last thing an SMB wants to do is compromise their efforts, so being able to onboard people and maintain security easily when they are working flexibly across different locations is essential. Having protection that can grow with the business also helps SMBs get more value out of their technology by keeping defences up to date. For example, Defender for Business uses simplified, wizard-based set up processes, and comes with security policies activated, right out of the box. This makes it much quicker to configure and manage protection for all devices and ensures malware detection and prevention software is kept completely up to date.??

If you'd like to find out more information about how SMBs can do more with less, while improving security and collaboration, take a look at our new Small Business Resource Centre, offering technology advice, free training, products, and tools to help your business survive and thrive, no matter how challenging the environment.??