5 Tips To Strengthen SME Cybersecurity

As the global community commemorates the United Nations ‘Micro-, Small and Medium-sized Enterprises Day’ today, June 27, cybersecurity firm Kaspersky has called on MSMEs to take extra precautions in safeguarding their online resources against increased cybercriminal activities.

According to the latest Kaspersky Threats to SMB report, the number of SME employees globally encountering malware or unwanted software disguised as legitimate business applications have remained relatively steady year-on-year (2,478 in 2023 compared to 2,572 in 2022), and cybercriminals are persisting in their efforts to infiltrate these businesses.

“Cybercriminals are already way ahead of the curve, so much so that virtually every organisation will experience a breach attempt at some point. Our ongoing research continues to demonstrate how the cyber threat landscape is expanding, and no one or enterprise is beyond reach. These enterprises must therefore see cybersecurity not as a choice, but as a necessity in the digital age,” said Bethwel Opil, Enterprise Client Lead at Kaspersky in Africa.

To navigate the complex cybersecurity landscape, Kaspersky shared the following suggestions every SME should consider:

1. Endpoint Security: A key vulnerability in many businesses is the endpoint – the laptops, smartphones, and other devices that employees use every day. Endpoint Detection and Response (EDR) technology is designed to protect these access points from potential cyber threats, keeping data safe. An SME’s EDR may include tools like advanced detection engines, real-time analytics, and the ability to hunt, investigate, and centrally respond to evasive threats across the protected infrastructure. There should be applied threat intelligence and visibility into endpoints.
2. VPN (Virtual Private Network): A VPN enables a secure connection over the Internet, protecting data from cybercriminals and hackers. For SMEs who have employees working remotely, a VPN is essential to maintain secure connections. These solutions are especially useful when using public Internet connections, such as in coffee shops, airports, or guest houses which can be vulnerable to hackers. A VPN gives users a secure connection which separates hackers from the data they are hoping to steal.
3. Cybersecurity awareness training: Education is the first line of defence. Continuous cybersecurity awareness training can significantly reduce the risk of successful cyberattacks. Employees who can identify phishing scams, use strong passwords, and follow secure online practices are valuable assets in the ongoing fight against cybercrime.
4. Backups: Backups ensure that in the event of a cyberattack, the business can recover quickly and with minimal disruption. Backups should be performed regularly and stored off-site or on the cloud for maximum protection.
5. Cloud security: As more SMEs embrace the cloud, securing these environments is critical. Using a trusted cloud service provider and employing cloud-specific security measures to protect data is something that SMEs must understand is non-negotiable. A SME is still responsible for getting their data into the cloud and they need to take the necessary steps to keep it safe while doing so.