Story image

FY18 is here: ESET's guide to top cybersecurity investments for SMBs

03 Jul 2017

As Australian businesses and SMBs start to formulate their budgets for FY18, ESET is underlining the importance of security irrespective of their business size.

However, SMBs are more likely to underplay security's importance, particularly around reaction and response.

The company says that SMBs need to understand threats and draw on expertise from IT departments, ensuring the FY18 protects all aspects of the business.

ESET senior research fellow Nick FitzGerald says, "“Irrespective of business size, it’s critical to have a broad reach across the whole organisation with a cohesive cybersecurity solution, and more importantly, a response and reaction plan".

The company says that even cyber insurance firms are starting to get tougher on security requirements. Recent cases have not looked favourably on 'we had firewall and antivirus but still got hacked' cases, suggesting that businesses now need much more.

Cyber insurance policies tend to cover requirements that can, at a minimum, ask for competency across process, logging and monitoring so that businesses are covered when breaches occur.

ESET says that for some businesses who have those kinds of protections, cyber insurance is a good option. If not, businesses should consider upping their security so they're actively preventing threats and covered if breaches occur.

The company also says that there are three areas SMBs and businesses should focus on: Security, reliable backup and talent.

Security: Comprehensive endpoint security software that offer extra, interoperating levels of security. Anti-malware is also recommended.

Reliable backup: Backing up systems at regular intervals is crucial. Keep one backup on offline storage at all times. Also ensure backup systems are working properly.

In addition, it can take a long time to deploy patches and system software updates, but it will save businesses in the long run. Turning on automatic updates can help this process.

Managed service providers should also check what system update policies apply to their systems and consider their applicability.

Talent: Training employees to identify threats and investing in talent is the best way to maximise current assets, ESET says.

Move beyond compliance to training systems and encourage them to become the change to better defend themselves and their company. using real-world examples of threats and threat protection can help them in the workplace - and at home.

ESET says a team doesn't need to be a collective cybersecurity expert, however a good understanding of the warning signs to look out for and having procedures in place that emphasise the importance of reporting will go a long way.

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Why cybersecurity remains a top business priority
One in two Australian businesses estimated that they will receive fines for being in breach of new legislation.