Cyber security is a vital issue for any business that relies on digital technology and data. However, many small and medium-sized businesses (SMBs) in Ireland are not aware of the risks and the best practices for protecting themselves from cyber attacks. According to a recent report, over 473 cases have been logged against the Health Service Executive (HSE) over their cyber attack incident in 2021. However, this is only the tip of the iceberg. SMBs in Ireland still believe that it is only enterprise companies that face ransomware attacks. The reality is, that cyber criminals attack the SMB market because they do not have cyber security in place.
Some of the main reasons why SMBs are vulnerable to cyber attacks are:
- Companies are still running Microsoft Windows Server 2012 and PCs with older operating systems. No updating them or patching them.
- Insufficient phishing training is given to staff.
- Companies have not upgraded their firewalls to the latest #Gen7 firewalls, such as
SonicWall
#TZ Series.
- We have all received smishing attacks, i.e. #SMS attacks from criminals, who impersonate reputable companies sending fake toll, deliveries or bank details.
- Companies feel they do not need to protect all endpoints, which includes mobile phones.
-
ThreatLocker
No zero trust is implemented on laptops, PCs and servers to help protect against malware attacks.
- And the absolute basic feature, companies will not implement #multi-factor authentication (MFA) because they find it inconvenient.
- When it comes to using #MicrosoftBusinessPremium, clients are under the assumption that all their data is backed up in #Office365 and forget to implement basic features such as Office 365 Backup.
- Most companies do not have an incident response plan to a phishing attack or to their systems going down which can cause a huge financial burden and reputational damage to their business.
- SMBs believe that implementing a managed #securityoperationscentre (SOC) is expensive.
The good news is that there are many affordable and effective solutions for SMBs to improve their cyber security and reduce the risk of data breaches and system downtime. Some of the recommended actions are:
- Upgrade to the latest versions of operating systems and applications and apply security patches regularly.
- Provide regular and interactive phishing training to staff and test their awareness with simulated attacks.
- Invest in a modern firewall that can detect and block advanced threats and provide visibility and control over network traffic.
- Be wary of any unsolicited or suspicious SMS messages and do not click on any links or provide any personal or financial information.
- Use a mobile device management, #MDM solution that can enforce security policies and remotely wipe or lock lost or stolen devices.
- Implement a #zerotrust approach that verifies the identity and device of every user and grants access only to authorized resources.
- Enable MFA for all accounts and applications and use strong and unique passwords for each one.
- Use a cloud backup solution that can securely store and restore your data in case of a ransomware attack or accidental deletion.
- Create an incident response plan that outlines the roles and responsibilities of each team member and the steps to take in case of a cyber attack.
- Consider outsourcing your cyber security to a managed SOC provider that can monitor and respond to threats 24/7 and provide expert guidance and support.
Cyber security is not a luxury but a necessity for SMBs in Ireland. By following the best practices and solutions outlined in this document, SMBs can enhance their cyber security posture and protect their data and systems from cyber attacks. If you are interested in finding out how to protect you and your clients' data, email [email protected] or contact
Zettabytes Gold Microsoft Partner
and one of our consultants would only be delighted to discuss how to protect yours and your clients' systems.
