In Europe two
out of every three employees are employed by SME organisations. However, when
the topic of security and cybercrime is being discussed you would be forgiven
for thinking that these businesses are in the minority, as the media (and to a
large extent the vendors) focus on larger and wealthier enterprises.
It would be fair
to say that for the majority of SMEs security issues do not feature heavily in
their day-to-day thinking. After all, they are focused on running their revenue
generating operations and why would they worry about issues that seemingly only
ever happen to the ‘big boys’? And even if they do appreciate the risks, few
have the time to keep abreast of the latest threat landscape and ways to
safeguard against them.
The problem is
however that cybersecurity is very much an issue for SMEs and the impact can be
devastating. For one of those large organisations that hit the headlines it can
inflict harm on their brand reputation if not managed correctly and it can cost
many millions of pounds to resolve, as well as impacting the bottom line, but
by and large they have the resources and infrastructure to bounce back. For a
vulnerable SME a basic ransomware attack could spell the end of their business.
Of course, some
of these attacks on high profile organisations are targeted, and the owner of
an SME may counter with the question ‘Why would a cybercriminal be interested
in me?’ To answer that question take a moment to think like a criminal. They
specialise in finding weak links. Some, will be opportunistic and see an open
door, or window, with a wallet left on the table unguarded. Meanwhile, others will be far more calculated
in their approach. Your business may not be the ultimate target but you may
present the ‘open window’ through which they can get access to the organisation
that is tempting them with a big score! You are just collateral damage. What is
more, that organisation you are supplying certainly won’t thank you.
Going after the
weak link in the supply chain isn’t new (you may recall the now famous Lockheed
Martin incident back in 2011). For this reason supply chain security has moved
up the ICT agenda for large enterprises. So, for those SMEs who can demonstrate
that they will not be the weak link, it could well be the point of difference
that determines winning a major contract and losing out to a competitor.
Most SMEs do
have a basic level of protection, but for many the only time it is mentioned is
when the annual renewal of the anti-virus software comes around.
In today’s world
of multiple always on, always connected devices it is the password that
provides the first line of defence. Get hold of a password and all too often
the cybercriminal has the keys to the candy store – confidential information,
contracts and contacts, passwords and access to systems,
and in some instances that can include third parties!
The challenge
for an SME and especially those on the larger side of the spectrum is being
able to manage passwords adequately. When someone creates a password they do so
because they think they will remember it, not because they think it will be
secure. Enforce more complex or so called ‘strong’ passwords and the cost of
constant reset requests will go up. Worse still so does the likelihood that
they will be written down on a Post-It note and stuck on the side of a monitor
(insider attacks can and do happen). Ask them to change their passwords
frequently and it will inevitably be a variation on the same theme so
DavidSmith1! becomes DavidSmith2!
Large security
conscious organisations (and I stress that not all of them are) invest in
additional layers of security, such as key-ring tokens and even biometrics, but
they introduce complexity, are expensive, are resource intensive to manage and
out of reach for most SMEs. What is more, many of them will revert back to
password-based authentication if they fail! However, thankfully there is a new
breed of innovative and affordable software-based solutions on the market that
can give small and large organisations alike the same calibre of first-line
defence, replacing passwords without massive change, closing what has until now
been an easy door to walk through for the determined cybercriminal.
If you would
like to learn more about how to safeguard your supply chain visit: www.pingrid.com
Author: Steven Hope, CEO of Winfrasoft
I am glad that I saw this post. It is informative blog for us and we need this type of blog thanks for share this blog, Keep posting such instructional blogs and I am looking forward for your future posts.
ReplyDeleteCyber Security Projects for Final Year
JavaScript Training in Chennai
Project Centers in Chennai
JavaScript Training in Chennai
Today supply chain management is obvious topic to discuss. I gives 10/10 point to custom packaging Australia provider of product packaging supplies in all over Australia.
ReplyDeleteGood sharing with us. If you get some good and quick services then go for it and avail all type of services them. Browse our large selection of custom box products
ReplyDeleteA decent exercise to get your blood streaming, hikers are an entire body move made more diligently by consolidating a ball exercises for arms
ReplyDeleteAw, this was a decent post. Taking the time and genuine exertion to create a brilliant article… yet what would i be able to say… I tarry a ton and never figure out how to complete anything. best interiors
ReplyDeletewow, great, I was wondering how to cure acne naturally. and found your site by google, learned a lot, now i’m a bit clear. I’ve bookmark your site and also add rss. keep us updated. rastreo satelital gps
ReplyDelete