Many small and medium enterprises (SMEs) have begun to understand the importance of cybersecurity for their organization. In fact, over half of cyber attacks now target SMEs. Even through the pandemic, we have seen a large uptake in the number of cyber attacks through spam and phishing emails. It is unfortunate that for a lot of businesses, it took some sort of security breach within their organization to realize the severity of such threats.
From an industry perspective, it has been eye opening to watch these companies react as they cope with the reality of cyber safety. Almost every conversation BrunNet has with business owners surrounds security posture and how their company can improve it. It is so critical for every single business to think about cybersecurity, especially in the current state of the world. BrunNet is committed to updating our customers about upcoming cyber trends and what threats to be prepared for. As a CyberSecure Canada Practitioner, we are trained and prepared to provide quick, pro-active measures to combat potential vulnerabilities in your organization.
COMMON CYBERSECURITY ISSUES WITHIN SMES
Data breaches can result significant downtime and/or regulatory fines that can be crippling to a SME. The most common cybersecurity attacks we see today still come through email. Hackers are getting much more sophisticated in their attempts to replicate emails that look identical to ones coming from someone within your organization. By imitating emails that come from your company’s CEO or financial officer, staff are more likely to trust the message and expose the organization to a cybersecurity breach.
In our experience, it is often the lack of human training that can be the weakest link in an organization’s cybersecurity structure. It is crucial to train your staff from the CEO, to entry level positions. By ingraining the significance of a secure IT posture throughout the entire organization, you will decrease your chances of a cyber attack.
HOW TO AVOID CYBER ATTACKS
Out of the 13 security controls established by the Canadian Centre for Cyber Security, implementing “Strong User Authentication” is the one that we tend to spend the most time on with our customers. Guessing a user’s password to get access to information systems is still a very common cyber threat. We recommend moving from the old standard of a complex combination of characters that had to be changed every 90 days, to a more modern approach of passphrases. A passphrase consists or a sequence of words that can be memorized. Passphrases are only changed when there is a breach of the account, or any indication as such. We have found that be removing the requirement of changing a password every 90 days actually improves security. It definitely leads to fewer sticky notes around the office.
We also strongly recommend that our customers implement Multi-Factor Authentication (MFA) for accessing all forms of data/applications. A two-step verification (i.e., using a pin, smartphone app or biometrics, in addition to a password) can protect identities, even if a password is stolen.
Working with cybersecure canada
BrunNet has worked with several SMEs to guide them through the certification process. We can handle all required tasks, including:
BUILD CYBERSECURITY RESILIENCE WITH BRUNNET
No matter the size of your business, effective cybersecurity strategy is imperative. As more and more businesses begin to digitise their organizations, it is increasingly important that people are aware of cyber threats and how to avoid them. By investing in cybersecurity, you will be helping eliminate potential threats that could hinder your business’ ability to grow and innovate.