SMEs: Cyber-crime can cost you more than you think
As the world is settling in to the Fourth Industrial Revolution – a technology-driven landscape that increasingly blurs the physical world with the digital world, through developing arenas such as mobile connectivity, artificial intelligence, the Internet of Things and next-generation robotics – businesses are faced with a new set of digital challenges, which includes the increased prevalence and sophistication of cyber-attacks.
This is according to Jeremy Lang, regional general manager at Business Partners Limited, who points to research recently released by the Cyber Intelligence Research Group which ranks South Africa as the third most exposed country to cyber-attacks. “2017 has seen an upsurge in cyber-attacks – from ransomware to phishing – and it is imperative that small business owners realise that their businesses are just as much on the radar of a cybercriminal as larger enterprises.
“Although cyber-attacks on bigger companies are more publicised, the National Cyber Security Alliance revealed that more than 70% of attacks in America target small businesses. This is because, unlike large corporates, smaller businesses tend to have less security, making them easy targets,” he explains.
In addition to posing a major threat to the reputation of a business and, in turn, consumer confidence, a cyber-attack can also cost a business millions of Rands to rectify, says Lang. “According to the 2017 Cost of Data Breach Study for South Africa, data breaches cost companies an average of R1,632 per compromised record, an increase from last year’s average per capita cost was R1,548.”
As small business owners are already under significant pressure to stay financially afloat, Lang emphasizes the importance of being adequately protected in this regard - and mentions a number of cost-effective ways to do so. “It’s vital for small business owners to plan ahead, and when it comes to cyber-crime, it should not be considered as a ‘what-if’, but rather a ‘when’.
“If the budget does not allow for costly systems or IT consultations, there are many free tools online such as malware, spyware and firewall protection programmes,” he adds.
“For example, most email programmes offer the option to install a two-step verification on the business’ emails which adds an additional layer of security. In order to sign in, a verification pin is then also sent to the user’s cell-phone, decreasing the risk of it being hacked.”
Lastly, Lang says that as important as it is for a small business owner to be educated on how to protect their business from cyber-crime, this means very little if their staff are not equally as careful. “Every cyber-attack begins with a weakness in human behaviour within an organisation. Avoid human error in this respect by making staff aware of all the types of cyber-crime that exist, as well as what warning signs to look out for, such as suspicious emails which may contain ransomware if opened.
“Small business owners and their staff should also be wary of downloading suspicious files, enabling macros on Microsoft word documents and opening a programme or document sent from an unknown source, and should steer clear from pirated software,” Lang says.
“Regarding ransomware, which is spread through spam and phishing emails, if a computer becomes infected, immediately shut it down, disconnect it from the network and storage devices and take it to an IT professional,” he advises.
“People need to be aware that although cyber-crime has been around for many years, it is expected to continue escalating, becoming more advanced with damages expected to cost the world US $6 trillion annually by 2021,” says Lang. “As such, it is imperative for small businesses to stay on top of their game and ensure their systems and staff are always up-to-date regarding the latest cyber threats,” he concludes.