IT Security is one of those subjects which some people like to avoid because it all seems so complicated and scary…
Some people think it’ll cost too much to protect their business. Others think they’re covered because they have a vague memory of signing off on a quote which had the word “Security” on one of the products a couple of years ago. Some think they can fly under the radar and won’t be a target.
The simple response to all of this is… probably not.
Firstly, it’s not all that complicated anymore. Like all good things in the IT world there is a process for road mapping your security threat risk, and effectively navigating the cybersecurity landscape. This important navigation is something all good IT Managed Services Providers should be aware of. Importantly, most providers certainly should have or be able to develop a solution to address the landscape.
Secondly, cost. IT cybersecurity is very much a “how long is a piece of string” exercise but it all comes down to risk appetite and investment vs impact to business. If you were to look at the investment of a decent preventative measure against the cost of significant downtime and impacted productivity chances are the decision is a no-brainer. If you can’t afford to have all staff offline for a day (or two, or five or more) you can’t afford to not implement appropriate security measures in your organisation.
Finally, staying out of the crosshairs. If you think you’re too small to be a target, unfortunately, this just isn’t the case anymore. Most attempts are more like a shotgun approach, scattered in all directions to see what gets hit. Once they register a hit they see what else they can hit, and keep shooting in that direction until there are holes everywhere. In most instances they have no idea what size the business is, just that it’s vulnerable. With all that being said, last year 65% of breaches affected businesses with 100 or less staff.
The Australia Signals Directorate have come up with a list of baseline mitigation strategies to mitigate cybersecurity threats. This isn’t an all-encompassing foolproof solution to never get hacked again, but it’s the least you should do.
To provide a brief overview, the guide indicates that you have proper procedures or solutions in place for Malicious software, email security, software patch management, user credentials and a backup strategy in place. It also goes without saying that all systems in place should be properly supported by vendors and technology partners to mitigate attacks via known threats.
The Small Business Cyber Security Guide can be downloaded here if you would like to review it yourself, but where’s the fun in that? Reach out to your IT Provider and open a discussion with them to verify if you have the right tools in place and are using the right methodologies to protect your organisation. And if you’re in need of a second opinion or looking for a technology partner that can help you on the right path, get in touch with us.
Book a session with us.