Information security governance for small businesses

August 16, 2020

Key Statistics

43% of cyber-attacks target small businesses.

62% of businesses experienced phishing and social engineering attacks in 2018.

Supply chain attacks are up 78% in 2019

94% of malware was delivered by email

Prove yourself.

Small businesses are increasingly being asked by customers to prove that they manage their information security well and are compliant with all the relevant regulations.

If you are unable to do so, you will find that your bottom line is adversely affected.

Until recently, your only options were either to bring in highly paid consultants or to dedicate considerable internal resources to the task, and then do it all again next year.

There is a lot at stake, with two-thirds (66%) of small and medium-sized businesses suffering catastrophic consequences and possibly having to close their doors after a breach. In fact, within six months of a cyber attack occurring, 60% of small companies go out of business.

What should you care about?


There are things that you can do yourself to improve your information security. Start with these low-cost measures and begin building your cyber resilience.

Education & Training

Provide IT security training for all your employees, as the vast majority of employees would never knowingly harm your business. You can also include your policies and processes in your training program. The Keeper Security/Ponemon Institute report on small and medium-sized businesses shows that the number of SMBs reporting negligent employees and contractors as the cause of data breaches increased to 60% in 2018, whereas external threats (hackers) were reported as 37% of the causes.

Access and ID management

Have a person in your organisation who administers access to the various systems and information. Access should only be granted to an employee who has a work requirement to see or use the data. Accounts and access should be shut down the minute an employee moves on or changes role and no longer requires that access to do their job. Passwords should be strong and should be changed every 3-4 months. Lastly, passwords should never be shared with colleagues or kept on a Post-it note!

Human Resource Security

No matter how perfect a candidate's CV is or how well you connected during the interview process, never forgo a formal background check.
Ensure you train new staff in how to access your business systems and manage information assets according to your organisation's policies.

Secure your business.

"assurance"

confidence or certainty in one's own abilities.

“The business has given us assurance that they have security in place to protect our information”

Our Difference

Established and led by industry experts.

At the helm of our privately owned, global RegTech firm are industry experts who understand that security controls should never get in the way of business growth. We empower companies large and small to remain resilient against potential threats with easily accessible software solutions for implementing information security governance, risk or compliance measures.

We support businesses every step of the way.

We don't just throw a bunch of standards at you and let you try to figure it out! We have designed a thoughtful way of supporting all businesses to consider, articulate and develop security controls that suit the needs of the organisation, and we provide clever reporting capability that allows insights and outcomes from security assessments to be leveraged by the business and shared with third parties.

Our customers are the heart of our company.

Our platform places customers at the heart of our design process, while providing access to expert knowledge. With simple navigation and tangible results, we guarantee that all data is securely encrypted at rest and in transit with no exceptions – meeting international standards with annual security penetration testing and ISO 27001 certification.