Business

Scoop

Network

Scoop Business

How To Protect Your Small / Medium Business From Cyber-attack

Monday, 2 May 2022, 6:37 pm
Press Release: Advantage

97% of New Zealand Business is categorised as SMB, but how at risk are SMBs really? Whilst the headlines are usually filled by hacks involving large companies, don’t be fooled into thinking that cybercriminals discriminate by size. Actually, some of the biggest data breaches start out at smaller businesses. SMBs perform services to enterprise level companies and have some form of access to their systems e.g., an HVAC contractor delivering services to a large retail chain was hacked and their access used to breach the retailer.

So, why are SMBs a target?

Your valuable data – hackers know that even SMB data is easy to profit off on the Dark Web – do you hold medical records, credit card details, bank account details or perhaps proprietary information? The crims either use it themselves to get into bank accounts and commit fraud or they sell it to other criminals.

Your links to larger companies – we live in a world where businesses are digitally connected to each other for a variety of reasons – manage supply chains, share information, complete transactions etc. Enterprise organisations are usually harder to breach, making the smaller business partner a viable target to get into the systems of the enterprise client.

Your hard-earned dollars – Cybercriminals mostly target companies for profit, particularly in New Zealand. With the primary motive to make money, it is easy to see why ransomware is such a popular method of attack. As long as they are getting away with it, it will continue.

How do you protect your business?

Advertisement - scroll to continue reading

You may wonder how you can protect your business sufficiently when unlike enterprise companies, you cannot have an entire teams devoted to managing cybersecurity.

For SMBs, we recommend the guidance as detailed in the ACSC Essential Eight Maturity framework. The framework is simple and guides you through four maturity levels – each step up caters to protection against a more sophisticated attacker.

How you can implement Essential Eight in 5 steps

ACSC Essential Eight is summarised in the diagram below. As discussed, there are four maturity levels (level 0 – level 3) within each control – focussing on these controls and building your maturity to a level that fits your risk profile will go a long way to safeguard your business from cyber-risk.

Step 1: Review the key elements of the model

Step 2: Identify a target maturity (this is not what you think is realistic to achieve, but rather the risk associated with exposure to more sophisticated attacks given the nature of your systems and data requirements)

Step 3: Recognise that the Essential Eight represents a minimum set of preventative measures – you may need to consider further strategies

Step 4: Plan to implement

Step 5: Build a Team – IT Security is not a set and forget things and responsibility should never lie with a single person. The skills shortage, complexity and cost attributable to building a team, partnering with a MSSP often represents the most viable solution to a SMB. In this way, you are assured that someone is 1) tracking key changes in the threat landscape 2) you have a vendor and product suite that is fit for purpose, provides relevant service metrics 3) alerts are managed and acted on 4) AI and human resources are applied to provide timely prevention, mitigation, and response activities.

Cybersecurity is a journey, not a destination. By improving your cyber-security maturity, you are raising the cost of attacking your business i.e., if you present a harder target than your neighbour, adversaries will generally redirect their attention.

For a discussion on how you can improve your security posture and to learn about the unique Advantage approach to managing cyber-security risk for SMBs, give us a call on 0800 358 8999 or send us a message here

About Advantage

Advantage have been around for a while; over 38 years in fact. We started out building hardware for the local New Zealand market back in the early Eighties. Once the big brands moved in, we pivoted into hosted services, building a state-of-the-art datacentre providing cloud services and disaster recovery infrastructure.

As the landscape continued to change, and our customer base grew, there was a natural progression into the security space. Most of our customers were in the financial, legal, and medical industries where regulatory requirements necessitated a focus on protecting data and systems.

Our business has continued to evolve and today we provide Security Services that are fully supported by our 24x7 Security Operations Centre (SOC).

We have offices in Auckland, Palmerston North and Wellington, servicing customers throughout New Zealand and the Pacific region.

Advertisement - scroll to continue reading

Did you know Scoop has an Ethical Paywall?

If you're using Scoop for work, your organisation needs to pay a small license fee with Scoop Pro. We think that's fair, because your organisation is benefiting from using our news resources. In return, we'll also give your team access to pro news tools and keep Scoop free for personal use, because public access to news is important!

Go to Scoop Pro Find out more

Find more from Advantage on InfoPages.

Business Headlines | Sci-Tech Headlines

BUSINESS, SCIENCE & TECH

John Mazenier: Gaffer Tape And Glue Delivering New Zealand’s Mission Critical Services

Every debt, eventually, has to be repaid. Right now, the day of reckoning is fast approaching for one of the most crippling, but least discussed, debts burdening government across New Zealand – technical debt. Technical debt is the cost of generations of incremental investments in legacy technologies to tease additional functionality or life from them.

Earthquake Commission: Ivan Skinner Award Winner Inspired By Real-life Earthquake Experience

Witnessing the human cost of the Canterbury earthquakes inspired Ben Exton to become an earthquake engineer and find solutions to make New Zealand homes more resilient against future seismic events. Exton last week received the Ivan Skinner Award at the New Zealand Society of Earthquake Engineering (NZSEE) annual conference to recognise his innovative work as a practitioner and to support his qu

Reserve Bank: Consultation Opens On A Digital Currency For New Zealand

Te Pūtea Matua is continuing its exploration of a central bank digital currency. “We are calling this ’digital cash’. It would be a new type of money in addition to the banknotes and coins we have today, and the electronic money in your bank account,” Director of Money and Cash – Tari Moni Whai Take Ian Woolford says.

NIWA: Ship Anchors May Cause Extensive And Long-lasting Damage To The Seafloor, According To New Research

NIWA anchored their research vessel in Wellington Harbour and observed in real-time how its anchor changed the surrounding environment. Study leader NIWA geophysicist Dr Sally Watson says they saw broomstick-like scarring on the seabed.

New Zealand Customs Service: A Step Forward For Simpler Trade Between New Zealand And Singapore

The New Zealand Customs Service has signed an arrangement with Singapore that will help to make trade simpler for exporters. The Arrangement on Facilitating Safe and Efficient Trade sets out a framework for developing and strengthening practical cooperation on trade and the use of emerging technology.

Horizon Research: 68% Say Make Banks Offer Fraud Protection

68% (2,785,000 adults) believe the government should regulate to make sure banks offer fraud and cybercrime protection to customers. These are among findings of a new study, conducted in the public interest by Horizon Research, on bank fraud and cybercrime.

Join Scoop Pro

Submit News

Become a Member