A customer inserts a password at an Automated Teller Machine. PHOTO/Eronie Kamukama
There has been an increase in cyber crime cases recently- both locally and globally as technology advances. It is not uncommon for Small and Meduim sized companies to think they are too small to be targets. On the contrary, most hackers consider SMEs an easy target.
As cyber criminals increasingly automate attacks, it is easy for them to target hundreds, if not thousands of SMEs at once. SMEs often have less stringent technological defences, less awareness of threats and less time and resource to put into cyber security. This makes them an easier target for hackers than bigger organisations. SMEs also often work with larger companies, and so they can be used by hackers as a way to target those companies.
For these reasons, SMEs need to be aware of the threats and how to stop them. This article will cover the top security threats facing businesses, and how organisations can protect themselves against them.
Phishing
1)Phishing attacks are the most damaging and widespread threat facing small businesses. These occur when an attacker pretends to be a trusted contact, and entices a user to click a malicious link, download a malicious file, or give them access to sensitive information, account details or credentials.
Malware
2) Malware is the second big threat facing small businesses. It encompasses a variety of cyber threats such as trojans and viruses. It is a varied term for malicious code that hackers create to gain access to networks, steal data, or destroy data on computers. Malware usually comes from malicious website downloads, spam emails or from connecting to other infected machines or devices.
Ransomware
3) Ransomware is specific type of malware that infects and restricts access to a computer until a ransom is paid. It is one of the most common cyber-attacks, hitting thousands of businesses every year. They have grown more common recently, as they are one of the most lucrative forms of attacks.
Insider threat
4) An insider threat is a risk to an organisation that is caused by the actions of employees, former employees, business contractors or associates. These actors can access critical data about the company, and they can cause harmful effects through greed or malice, or simply through ignorance and carelessness.
While there might be need for technical controls to mitigate these cyber risks such as an email security gateway to stop phishing attacks, an anti-virus/endpoint protection for malware, the single most cost effective control is the need for SMEs to ensure that they have a strong culture of security awareness within their organisations.
Weak systems
Target
Employees have become the latest target for cyberattacks with the number of insider-related breaches increasing by 55 per cent this year according to Dimension Data. The tech firm indicates that the increase in the incidents was as a result of companies lacking active monitoring of their IT infrastructure with employees working remotely.
The author is the manager, IT security, standards and architecture at dfcu bank.
No comments :
Post a Comment