August 24, 2022

Three things to note when setting up data protection for your small business

Cyber attacks are one of biggest threats to small businesses. While 50% of big corporates go over budget with cyber security spending, the average SME doesn’t invest enough in protecting their data or digital platforms. Small businesses are the least prepared to deal with a cyber attack.

All types of cyber attacks have increased in recent years as more businesses go digital. To illustrate, consider the fact that there was a 70% increase in Trojan-PSW (Password Stealing Ware) detections in South Africa from 2021 to 2022. This malware attack tool is used to steal passwords and other account information, allowing cybercriminals to access networks and steal data.

SMEs in South Africa tend to be under-resourced when it comes to technical skills, budget and time to deal with cyber attacks. However, many small business leaders have become aware of the importance of data protection and are seeking out tailored solutions to protect their digital assets. Knowing what the main threats are and how to deal with them are essential for SMEs. So, what are three things small businesses should note when setting up their data protection?

1. Small businesses are highly vulnerable to data breaches

Almost two thirds of cyber attacks target companies with less than 100 employees. Dealing with the effects of a cyber attack seriously impacts productivity and profitability. Trends appear to show that 60% of small companies go out of business within six months of a significant cyber breach. These entities are the backbone of the South African economy, so it’s vital to institute cyber security measures.

Poor cyber security awareness among staff is a significant contributor to data breaches. Around 95% of cyber security issues can be traced back to human error. As such, the World Economic Forum sets staff training as a top priority for maintaining cyber security.

Research findings from 2021 show that worldwide increases in ransomware attacks, third-party data breaches, remote workforces and the integration of internet of things (IoT) technologies are putting pressure on IT security leaders. The security priorities for this year are threefold:

Businesses need to be better prepared for security issues
Sensitive and confidential data needs better protection
Companies need to improve cyber security awareness among employees.

2. Small businesses struggle to recover from data breaches

Small businesses are an easy target for attack; almost half of all cyber attacks target small companies. It is extremely costly for SMEs to recover from a data breach when they do not have the right tools and procedures in place.

When data is encrypted by malware it is often difficult to remove encryption. This translates to a loss of intellectual property or a full-scale data breach. When a ransomware attack shuts down the business network, there is lost productivity due to downtime. Businesses incur reputational costs when they cannot cater for their customers' needs.

On average, a cyber-attack results in 20 days of downtime. In some cases it can take weeks to get systems back online. To mitigate this risk, small businesses need an effective data back-up and recovery strategy. This includes the comprehensive back-up of all endpoints, digital platforms, cloud networks and SaaS apps

3. Small businesses need to be compliant with data protection laws

Data protection laws are there to ensure that businesses stay protected, compliant and prevent personal records or other personally identifiable information being used by cybercriminals. Businesses may face legal repercussions, such as hefty fines, if they fall victim to a data breach.

If client information is stolen, the company may be required to pay damages for this, including compensation for any financial losses that might have incurred as a result of the attack. Small businesses generally do not have the right cyber tools to maintain information and data security. When a device is lost or stolen, businesses need to show that they can delete any sensitive data stored on that device.

Small businesses need to upgrade their cyber security

Traditional anti-virus and anti-malware are no longer sufficient to protect business networks. These legacy solutions defend against known types of attack but leave networks defenceless in the face of new types of security breach. What’s more, when cyber security tools are installed on individual devices, they cannot give holistic coverage and protection.

Traditional antivirus software can't detect and contain attacks fast enough because they do not protect the entire attack surface. During a ransomware attack, malicious code encrypts files and spreads through the network, preventing businesses from accessing their data.

Data protection for small businesses in South Africa

Cyber security budgets are increasing on a global level, with local SME spending on cyber security is predicted to increase by 14% by 2026. But what exactly should SMEs be spending their money on?

Upgrades to email and endpoint security are essential for small businesses. SMEs can begin to fortify their defences by implementing endpoint protection with next-generation firewalls and encryption. This will ensure that the entire business network and all devices are under the same umbrella of cyber protection.

It’s recommended that email protection includes immediate detection and response to threats. Alleviating the risk of business email compromise, phishing and ransomware is of high priority for small businesses.

For SMEs operating on the cloud, multi-cloud, or hybrid environments, IT security leaders must ensure that all these digital environments are comprehensively protected. SEACOM Business offers an integrated security framework with intelligent endpoint protection for both on-site and virtual architectures.

Our solutions are easy to scale and manage which keeps costs down. As small businesses grow, they can scale up their security to ensure that their valuable digital assets and ecosystems are always up and running. For more information or to get a quote for our cyber security solutions, email us at marketing@seacom.com or leave us a message.

SEACOM owns Africa’s most extensive network of information and communications technology (ICT) infrastructure, including subsea cables and secure internet connections. We offer a diverse range of flexible, scalable and high-quality solutions for businesses that meet world-class standards for connectivity.

SEACOM is privately owned and operated, making it agile and adaptable to the needs of the customer. This makes us the preferred ICT and internet connectivity partner for African businesses and peripheral service providers. We can guarantee high-speed, low-latency and secure internet connections to corporates and small enterprises.

For‌ ‌more‌ ‌information‌ ‌on‌ our internet and voice solutions, ‌follow‌ ‌us‌ ‌on‌ ‌‌LinkedIn‌,‌ ‌‌Facebook‌ ‌or‌ ‌‌Twitter.‌ ‌Keep‌ ‌an‌ ‌eye‌ ‌on‌ ‌our‌ ‌‌news‌ ‌section‌‌ ‌for‌ ‌insightful‌ ‌articles‌ and relevant news stories on African ICT, internet connectivity and our leading cloud and security solutions.

Need internet for your home? Our subsidiary, WonderNet, brings fast and cost-effective broadband internet to all Africans with a fibre-to-the-home offering.