This episodes looks at the big picture for small business cyber security.
Exactly what is the threat and how can you defend your network, your data and your small business.
Cyber Security 4 Small Business is a set of resources to help small business owners understand the Cyber Threat and be able to defend their network is the most cost effective way possible.
We believe that 95% of Cyber Security and Cyber Resilience can be achieved through good systems administration and good processes.
It shouldn’t cost a fortune to keep your small business cyber-secure, but it can. What’s more interesting is even if you have a hefty budget to work with, you still cannot guarantee your security.
In 2016, a part of the US National Security Agency was hacked. A lot of the tools that they used to hack into other countries’ computers and networks were released publicly and critically, if the NSA isn’t secure with all the budget they have, then what chances do small business owners have against this?
Now, as a small business, what’s critical is that we learn to minimize the risk of cybersecurity incidents and the impact that one would have, should one occur.
What does it take to secure your business from cyber-attacks?
One of the biggest issues we have today is that a lot of people want to make it seem very expensive to create an effective security plan for your business, but that’s not true. In reality, good cybersecurity is 99% just solid IT systems administration and a well-managed network.
You must be thinking security first, security last, and security always.
What has changed in cybersecurity for small businesses through the years?
10 years ago, if there was a network breach, 99% of the time it would be coming from inside the business. It was an employee who had taken data and that was the biggest thing we saw.
5 years ago, what we were seeing was predominantly theoretical attacks, such as vulnerabilities in an application or operating system.
What is driving the change in cybersecurity?
The biggest driver in these changes in cybersecurity is the people behind it.
First, it was an internal event, an employee from the business. Then, it migrated to the stereotypical teenager sitting in their bedroom, running their hacking operations.
What groups have realized the monetary value of hacking into businesses?
We’ve seen significant movements in organized crime and nation-states for different reasons – the former being an easier method to make money and the latter, coming from an intelligence and economic perspective.
How are the different nations benefitting from cybersecurity attacks?
● North Korea – file encryption that requires Bitcoin payment for the decryption key, possibly to help the nation get around their crippling sanctions.
● Russia – disinformation campaigns that release actual information along with a few that have potentially been changed to create chaos.
● China – information and disinformation campaigns for dominance in the region and intel on other nations.
Why should small businesses take cybersecurity seriously?
With everything going on in the global economy, we’re only seeing these kinds of attacks increasing over time. There are many different ways you can protect your small business from this, but it ultimately comes down to two things – make it less likely to have a cyber incident and make sure that when something does occur, the impact is not very significant.