The sober fact is, however, that as much as 70% of cybercrime in the US is aimed at small businesses, according to figures released by the National Cyber Security Alliance. The exact figures for South Africa are not yet known, but it is plausible that South African owner-managed businesses are equally at risk, says Lang.
The dangers include having to pay ransom to hackers who encrypt your company information, having your business’s website and social media accounts vandalised, your bank accounts raided and your customers’ confidential information breached.
Lang offers the following tips to business owners to protect their enterprises from cyber criminals:
- Adopt the right attitude: Know that a cyber-attack is not a question of “if”, but “when”. Don’t wait for it to happen. Be proactive and start working on protective measures now.
- Learn as much as you can about cybercrime: You do not have to attend expensive courses or hire consultants to learn a lot about the subject. There are many substantial blogs and sites dedicated to the fight against cybercrime that can help keep you informed.
- Raise awareness among your team: Everyone on your team, from the most senior to the most junior, is a potential weak spot who can unwittingly open a door to your computer network by falling for a cyber-scam. The more they know about how cyber-attacks work and how common they are, the stronger your defence. Everyone in your organisation needs to know what suspicious emails and other cyber swindles look like.
- Run regular checks: Practice basic computer hygiene in your business by installing protective software and running regular anti-malware scans. Use the services of IT professionals to assist where so required.
- Enforce a clear internet protocol: Make it clear that your business’s computer system is for business use only. When files and programmes are downloaded on any of the business’s computers it needs to be for good business reasons. When staff members start downloading games, gifs, music and entertainment videos, the business not only loses productivity, but becomes more vulnerable to cyber-attacks. The downloading of pirated software and documents from unknown sources must be prohibited.
- Enforce a clear password protocol: Set up clear rules about passwords for all users on your system, including how often they should be changed. Two-step verification systems add an additional layer of security. In order to sign in, a verification pin is also sent to the user’s cell-phone, decreasing the risk of it being hacked.
- Try to keep your system up to date: Cyber criminals often exploit back doors that exist in older software, but which have been patched up in latest versions. It may seem expensive to constantly update your system, but a cyber-attack can cost you much more.
- Act quickly: If any of your staff members suspect that a computer has been compromised, they must isolate it from the network immediately and inform the rest of the team. Don’t postpone a thorough investigation and a system-wide clean-up.