Story image

FY18 is here: ESET's guide to top cybersecurity investments for SMBs

03 Jul 2017

As Australian businesses and SMBs start to formulate their budgets for FY18, ESET is underlining the importance of security irrespective of their business size.

However, SMBs are more likely to underplay security's importance, particularly around reaction and response.

The company says that SMBs need to understand threats and draw on expertise from IT departments, ensuring the FY18 protects all aspects of the business.

ESET senior research fellow Nick FitzGerald says, "“Irrespective of business size, it’s critical to have a broad reach across the whole organisation with a cohesive cybersecurity solution, and more importantly, a response and reaction plan".

The company says that even cyber insurance firms are starting to get tougher on security requirements. Recent cases have not looked favourably on 'we had firewall and antivirus but still got hacked' cases, suggesting that businesses now need much more.

Cyber insurance policies tend to cover requirements that can, at a minimum, ask for competency across process, logging and monitoring so that businesses are covered when breaches occur.

ESET says that for some businesses who have those kinds of protections, cyber insurance is a good option. If not, businesses should consider upping their security so they're actively preventing threats and covered if breaches occur.

The company also says that there are three areas SMBs and businesses should focus on: Security, reliable backup and talent.

Security: Comprehensive endpoint security software that offer extra, interoperating levels of security. Anti-malware is also recommended.

Reliable backup: Backing up systems at regular intervals is crucial. Keep one backup on offline storage at all times. Also ensure backup systems are working properly.

In addition, it can take a long time to deploy patches and system software updates, but it will save businesses in the long run. Turning on automatic updates can help this process.

Managed service providers should also check what system update policies apply to their systems and consider their applicability.

Talent: Training employees to identify threats and investing in talent is the best way to maximise current assets, ESET says.

Move beyond compliance to training systems and encourage them to become the change to better defend themselves and their company. using real-world examples of threats and threat protection can help them in the workplace - and at home.

ESET says a team doesn't need to be a collective cybersecurity expert, however a good understanding of the warning signs to look out for and having procedures in place that emphasise the importance of reporting will go a long way.

Slack users urged to update to prevent security vulnerability
Businesses that use popular messaging platform Slack are being urged to update their Slack for Windows to version 3.4.0 immediately.
Secureworks Magic Quadrant Leader for Security Services
This is the 11th time Secureworks has been positioned as a Leader in the Gartner Magic Quadrant for Managed Security Services, Worldwide.
Deakin Uni scores double win with Exabeam partnership
Australia’s Deakin University is partnering with SIEM security company Exabeam in an effort to boost the university’s cybersecurity degree program and strengthen its SIEM capabilities.
Google puts Huawei on the Android naughty list
Google has apparently suspended Huawei’s licence to use the full Android platform, according to media reports.
Voter vulnerabilities: Cybersecurity risks impact national elections
The outcome of elections have an enormous impact on the political and cultural landscape of any democratic society. 
Using data science to improve threat prevention
With a large amount of good quality data and strong algorithms, companies can develop highly effective protective measures.
General staff don’t get tech jargon - expert says time to ditch it
There's a serious gap between IT pros and general staff, and this expert says it's on the people in IT to bridge it.
ZombieLoad: Another batch of flaws affect Intel chips
“This flaw can be weaponised in highly targeted attacks that would normally require system-wide privileges or a complete subversion of the operating system."