SMEs under attack: How to secure your business against cybercrime

It might surprise you to know that small-to-medium-enterprises (SMEs) are increasingly the targets of cyberattack and data theft. Research has found that 43% of cyberattacks are made against small businesses – up from 18% just a few years ago.

While there’s a lot to consider when protecting your business, there are several basic steps you can take to safeguard your SME from the potentially devastating impacts of a cyberattack.


Cyber criminals spot weaknesses and hone in on SMEs

According to Retrac Business Solutions Director, Travis Carter, the reasons for the increase in attacks relate to the relative ease with which a hacker can access an SME’s systems and data. Simply put, small businesses make for better targets.

“There is a higher likelihood that the small business will be hacked over the big one. They’re the low hanging fruit for the hacker. If given the choice between Joe Bloggs Bakery and Telstra, a hacker would absolutely choose Joe Bloggs, every time,” says Travis.

A survey run by the Australian Cyber Security Centre (ACSC) found that almost half of SMEs rated their understanding of cyber security as either ‘average’ or ‘below average.’ Those surveyed were also found to have poor cyber security practices.

While SME respondents know that cyber security is important, they face significant challenges when attempting to implement appropriate cyber security practices. Travis notes that these barriers often include:


  • A lack of dedicated staff with an IT security focus
  • The complexity of adequate cyber security
  • Challenges in understanding and implementing security measures
  • Underestimating the risk and consequences of a cyber incident
  • A gap in planning for, and responding to, cyber incidents.


So, how can you protect your businesses?

According to Travis, there are four important steps SMEs can take to secure their businesses against cyberattack.


Step #1: Engage with an expert

“Whether that’s hiring someone, partnering with another provider, or bringing in a Managed Service Provider (MSP), you need to make sure you’re working with someone who knows what they’re doing. This can often be harder than it sounds,” says Travis.


Step #2: Deploy Microsoft Cloud Solutions to protect your business

Utilising Microsoft’s broad suite of security solutions is Travis’ preferred choice to protect your business from the threat of cyberattack. Microsoft invests around $US 1 billion in Cloud security every year.

“I like to think of Microsoft as the largest cyber security company in the world. They spend more on cyber security than any other company. End users directly benefit from this ongoing investment and development with new features, functions and apps constantly being released,” explains Travis.


Step #3: Configure your Microsoft security settings and continuously monitor for incoming threats

With so many security features available with Microsoft, it can be overwhelming to know where to start. It’s important that SMEs focus on the most relevant and useful functions.

“Microsoft on its own is not enough. It needs to be configured and controlled. Once the framework is set up, someone needs to monitor it, constantly,” says Travis.

Often in small businesses, IT falls to either the business owner or an employee who has a little more technical nous than everyone else.  While these staff members might be able to help solve a quick tech issue, they are not equipped or experienced enough to take the proactive measures needed to keep a business secure.

“Your IT needs to be monitored by someone who knows what they’re looking for. The threats will be visible but if no one’s looking for them, or knows what to look for, they’re bound to slip through,” says Travis.


Step #4: Consider cyber insurance – also known as cyber-liability insurance

An increasing number of SMEs are investing in cyber insurance, a policy that helps protect organisations from the fallout from cyberattacks and hacking threats.

The most common claims made under cyber insurance are ransomware, fund-transfer fraud attacks, and business email compromise scams.

“With the increasing rates of cybercrime we’re seeing, Boards and business owners are asking for evidence of the steps companies are taking to protect themselves. Insurance companies are asking businesses to report how security is set up. The Retrac Security Bundle covers all potential requirements for cyber insurance,” notes Travis.


Are you ready for a cyberattack? Talk to Retrac today

Retrac’s Security Bundle helps you understand the risk by auditing your environment. A dedicated team of experts help prepare and implement security policies, educate your team and plan, execute, and maintain threat intelligence.

“Our team can help you recover from an incident, assess your vulnerabilities and secure your environment moving forward. By engaging Retrac, you’re ticking the insurance boxes straight away. Our bottom line includes everything – all the risks you can think of. There’s someone at Retrac always reviewing the latest and greatest security updates so you know you’re covered,” concludes Travis.

Contact Retrac today to find out how to better protect your business.