Cybersecurity is more important than ever, as hacks and attacks surge following the mass migration to remote working. South Africa is coming to terms with a stint of longer-term social distancing measures and as the workforce adapts to the home office, the scale of the surface vulnerable to attack has significantly increased.
At a time when many medium businesses are looking to curb expenditure and baton down the hatches for an impending economic shock, one area that cannot afford to be skimped on is security. Moreover, cybersecurity strategies need to be adapted at speed to the new ways of working in order to protect businesses. For smaller and medium businesses with less cash flow to buffer a cyber-attack, it could be disastrous.
Covid-19 Cyber Realities
Since the start of the Covid-19 outbreak the rate of phishing attacks skyrocketed by over 600% in Europe compared to January figures. Attackers have been exploiting the fear and uncertainty generated by the pandemic by luring users to click on a variety of links or handover personal details – or unknowingly download malware.
The increased level of risk is being acknowledged across industries – with healthcare businesses being particularly affected. The World Health Organisation reported a five-fold increase in cyber-attacks, targeting its employees as well as the general public, with scammers impersonating the organisation. It took to the media to urge extra vigilance as a result. Meanwhile, Europol has warned that the number of cyberattacks is likely to increase, placing cyber-crime in one of the top four crime categories.
Small and medium businesses are rightly concerned. Not only are they disproportionately being targeted, but they are particularly at risk from phishing or ransomware attacks due to a comparative lack in cyber training and awareness. Larger businesses tend to have a number of in-house cyber security experts, enabling swift and effective responses. Speed is key when it comes to containing a breach.
Apart from a lack of awareness putting smaller businesses at risk, the larger businesses that may rely on their goods and services also risk being exposed – creating both reputational as well as financial consequences. This is a critical consideration for any company, large and small, as some local companies already have experienced. Security is a collaborative effort, requiring all stakeholders to be aligned, alert and prepared to take the appropriate action in the event of an attack.
Protecting medium businesses
With high risks and high stakes, medium businesses will need to review and update security strategies – engaging with expert consultancy where possible for support. In order to protect businesses, data must be protected from the endpoint to the data centre, assessing each step of the chain and reviewing when the business landscape evolves. Being able to pivot in order to protect is key. Their first line of defence are their employees.
Ensuring the workforce has a good understanding of cybersecurity essentials is a key part of any strategy – along with an instant response plan. This includes being aware and having a plan for many different threats, including internal or insider damage to data.
This can be achieved with a Cyber Recovery solution. The solution includes a secure digital vault that is disconnected from the network via an automated air gap and stores all critical data off-network to isolate it from attack. This promotes business resiliency, provides assurance following extreme data loss or destruction and includes both business and technology configuration data to enable rapid recovery of the environment and resumption of normal business operations. This is true for any customer, any industry, size, region or workload
Without a Cyber Recovery solution, a company spends significant time recovering the last backups without knowing if they are good or not. This is a long, labour intense, iterative and costly.
Let’s not forget regular training, workshops and testing to help businesses spot security threats. With the surge in phishing and other malware attacks, it is important that customers understand the risk, the levels of deception and the consequences. Practice really does help erase complacency and keep staff on their toes.
While some medium businesses may ponder why they would be targeted over a larger business, overall they seem to accept that the threat is not only real but impending, according to a recent study. However, far from being complacent, with the volume of risk being exponentially high there is a tendency for IT decision-makers to panic – and they need to know who to turn to for clarity.
Trusted advisors with a deep digital expertise should be able to share a clear security roadmap, that is surprisingly simple. Dell Technologies’ security experts help to tailor cyber strategies to businesses, providing a threat intelligence network using AI technologies, while ensuring the ecosystem of partners is covered. Medium businesses are not alone – but they do need to act.
As the world economy continues to digitise operations, supply chains, business transactions, and employee and customer services, cyberattacks are expected to continue to pose as one of the major threats to the world. Shoring up security for medium businesses provides a critical lifeline in otherwise uncertain times.