printer friendly version

SMEs need a different approach to cyber security

Even though the small to medium enterprise (SME) segment is the lifeblood of South Africa’s economy, not enough is being done to educate business owners about the importance of cybersecurity. This is especially relevant when safeguarding the perimeter from compromises that can put the entire organisation at risk.

The statistics make for grim reading.

A company will be down for at least 14 days a year while trying to restore its systems following a cyberattack. Almost half of all firewalls are provisioned with the wrong rules sets, rendering the network vulnerable to a ransomware attack that, on average, demands R 200 000. And of those organisations that decide not to pay it, 70% will close within six months. And if that is not bad enough, half of all businesses do not even have a backup or disaster recovery plan in place.

Clearly, there is significant potential in the SME market to drive cybersecurity growth. However, smaller companies require a different approach to how vendors position solutions for enterprises. For one, more aggressive price points are needed as SMEs are beholden to cash flow and cannot afford enterprise-class offerings. For these owners, it is less about the value-adds cybersecurity can provide and more about working as effectively as possible to protect their data.

Craig Freer, Vox

Integrated protection

Not many small business owners understand (or even care) what phishing, 419 scams, and the like are. They are so focused on delivering on their business needs, that these security concerns often fall by the wayside. This means a 360-degree approach is required that offers protection across all touch points so decision-makers can drive the strategic requirements of the company.

Such an approach starts at the perimeter where an SME must implement an effective firewall solution that offers the appropriate level of ransomware protection. Furthermore, it must integrate with a backup plan that enables the business to restore documents if the worst should happen and ransomware does get through.

Even then, the best firewall in the world will be useless if it is not provisioned properly. This is where a trusted partner becomes vital as it will guide the SME on how best to integrate the firewall if it is not going to become a glorified router.

Unfortunately, many leave this until it is too late. Once a business is hit by ransomware, there is very little to be done for them. It then revolves around damage control and trying to mitigate the loss of mission-critical data in ways that do not force the SME to close its doors a few months down the line.

At your service

With more than 380 000 new threats emerging daily, it is imperative to have a strong firewall capable of protecting the peripheral of the network. Using infrastructure-as-a-service as a foundation, the SME can apply policies and protection where they are needed most. However, this must be continually managed if it is to deliver permanent protection.

This is where managed services become critical for an SME. The service provider can make changes on-demand, perform ongoing health checks, provide reports, and even perform quarterly assessments as part of the firewall offering at a price point the SME can afford.

The digital world of business needs a different way of addressing cyber security concerns. And given how the cloud is permeating everything SMEs are doing, this makes it the ideal platform to drive more sophisticated defences that can be part of a managed offering.

Share this article:

Further reading: