Cybercrime is relentless and no person or business is immune. As a business owner himself, our CEO Nick Sheehan knows this all too well, sharing his advice for SMB’s in a recent article. Now our Chief Technology Officer Dave Perrett adds his perspective on the cyber security mindset every business owner must embrace.
What’s going on in SMBs
There’s still a lot of inaction amongst SMBs when it comes to getting their security in order. And we’re not throwing shade. Life in an SMB is busy. We get it. Despite the best of intentions, are you falling into one of the following mindsets?
- We’re covered – we use antivirus software.
- I assume our managed service provider handles this.
- We’re run a regional business, so I don’t think any state-based hackers are going to worry about us!
- It’s on my ‘to do’ list.
- What’s cyber security?
If you’re nodding to any of these, there’s no sugar-coating it. You’re putting your business at unnecessary risk. What is imperative is you start shifting your mindset and acknowledge 2x things: 1. it’s a matter of when not if you’ll be a target; and 2. cyber security is a journey, not a one-time thing you tick off your to-do list.
Time for action
If your cyber security stops at antivirus software or you aren’t doing anything (yet), it’s time to make a start. Our resources help you benchmark where you’re at now and implement security basics like good password hygiene and multifactor authentication.
There’s also some very prescriptive guides from the Australian Cyber Security Centre that will you get your business up the cyber security curve. We also have plenty of knowledge available on our website.
If you outsource your IT, don’t make the mistake of assuming you’re protected. Just as the nature of cyber-attacks have changed, so too have managed service providers (MSP) contracts and what they cover. Long-standing contracts may not be as all-encompassing for cyber security as you now need. Your business may well have evolved its operations (e.g. offshoring work is something that changes your security needs) and most MSPs are investing a lot to upgrade their services to cover the evolving challenges of cyber security. It’s worth a call to your provider to check what’s in, what’s out and have a conversation about what’s right for you.
Calling in the experts
Antivirus software should form an important part of your security baseline. While it’s not included in the ACSC’s Essential 8, you still need it. There are now a number of security sensors built into PC operating systems and M365 that generate cyber alerts, all of which need analysing, prioritising and action - quickly. The reality is this amount of signal creates too much noise for any support desk to handle. That’s where a Security Operations Centre (SOC) comes into the picture. It’s a service that sits on your network constantly monitoring activity, using algorithms and AI to identify potential issues (i.e. Picking up signals from the noise). When it spots an issue, it’s immediately referred to a cyber security analyst responsible for de-escalating it (isolating an at-risk computer from your network, for example). They then call on a cyber security expert (like efex) to take further action if it’s needed. The faster this happens, and the threat mitigated, the better the outcome for your business.
Taking it to the next level, you can engage with an expert to implement a cyber security solution that aligns with your unique business operations and evolves with your business and the cyber landscape. It’s not set and forget, and never will be.
At efex, our in-house cyber security team uses best-in-class technology and processes to proactively protect your data, like routine searches across the dark web for your business credentials, reporting on suspicious web traffic and closing virtual doors so any previous vulnerabilities are blocked. It’s not just one thing, it’s many layers of proactive and reactive measures, procedures & actions will keep you one step ahead.
We make it easy
We recognise our customers aren’t running IT businesses. They need to be able to rely on us for peace of mind that they’re protected. For that reason, we continuously invest heavily in cyber security – the technology and expertise our team deliver for our customers 24/7.
Whether taking your first step, or you know you need more, and it’s time and effort you don’t have, we’ll help shift your mindset and get your cyber security on track.