Answering your burning questions about Cybersecurity for SMBs

Answering your burning questions about Cybersecurity for SMBs

It is no surprise that the necessity of remote and hybrid working significantly accelerated digital transformation for most small and medium businesses in recent years. However, it’s important to note that while the implementation of new technologies has changed the way that these businesses function, it may have also created many potential security risks.

Small and medium businesses must invest in protecting their IT systems from cybercriminals. As the cybersecurity landscape is constantly changing, it is common for SMBs to have questions about cybersecurity and what they can do to protect their businesses. Here we answer some of the frequently asked SMB cybersecurity questions.

  1. What is cybersecurity?

Cybersecurity is a branch of information security including the practices an organisation undertakes to reduce the risk of a cyberattack. These practices are focused on technology to stop cybercriminals from accessing sensitive information, extorting money from users, or interrupting normal business procedures.

  1. What are the most common forms of cyberattack?

The three most common forms of cyberattack are: phishing, malware, and distributed denial of service (DDOS) attacks.

Phishing is where a cybercriminal contacts a target by email, telephone or SMS posing as a legitimate individual, or business to deceive the victim into clicking a malicious link or providing sensitive information, such as passwords or payment card information.

Malware is any software that is intentionally designed to cause damage to a computer, server, or network. This includes viruses, ransomware and trojan horses. Malware is often distributed through malicious emails, websites, and advertising.

Distributed Denial of Service or DDOS is a malicious attack where a cybercriminal overwhelms a target server, service, or network with internet traffic to disrupt normal traffic. The goal of these attacks may be to stop legitimate traffic from visiting a site, or to overwhelm network equipment, such as firewalls, in order to launch another cyberattack.

  1. What types of businesses are most like to be targeted by cybercriminals?

All businesses are at risk of falling victim to a cyberattack. In the past, it was more common for larger businesses to be targeted. However, it has become increasingly common for cybercriminals to target smaller businesses with ransomware as they typically are easier targets with weaker security.

  1. What is the average cost of a cyberattack?

As an example, in 2021, the median monetary cost of a cyberattack was £8,460, with the most expensive cyberattack costing £15.8 million. It is important to note that the monetary cost is often not as damaging as the loss of reputation and downtime associated with many cyberattacks.

  1. How does the advent of hybrid work affect cybersecurity?

The move to hybrid work has many benefits for employees and businesses as a whole. However, it can weaken a business’s security posture. The key cybersecurity associated with both hybrid work and remote work is the lack of visibility of endpoints and networks. With employees working from multiple locations, the network boundary expands drastically and an unsecure home network could lead to a cyberattack within a business.

  1. What are the top SMB cybersecurity mistakes?

The most common mistake that SMBs make when considering cybersecurity is thinking that it won’t happen to them. Regardless of the size of industry a business operates in, they can be the target of a sophisticated cyberattack. Many of these attacks can be prevented with relatively simple measures, and a comprehensive cybersecurity solution will stop most attacks in their tracks.

  1. What should the top cybersecurity priorities be for an SMB?

The top priority for all SMBs should be to ensure they have enabled multi-factor authentication on their Microsoft 365 account. This simple action will prevent 99.9% of all account compromise attacks. After this is enabled, businesses should secure their email system, as it is the most common attack vector. After their email system is secured, it is important to implement a backup and disaster recovery solution, so if a business does fall victim to a cyberattack, the downtime will be limited. A comprehensive cybersecurity solution should address all these priorities and more.

  1. What should an SMB look for in a cybersecurity solution?

When SMBs are searching for the right cybersecurity solution, it is important to ensure that the solution provider covers all areas of the cybersecurity landscape. This includes endpoint protection, email protection, network protection, backup and disaster recovery. Having comprehensive cybersecurity solution will significantly decrease the chance of an attack.

  1. How much will a cybersecurity solution cost?

It is difficult to know how much a cybersecurity solution will cost without understanding the needs of a particular SMB. On average, businesses spend 10% of their IT budget on cybersecurity, however, it is important for businesses to consider the potential losses associated with a cyberattack, and factor this number into the equation when deciding how much to spend on a cybersecurity solution.

What’s Next?

If you have a small to medium sized business in Burgess Hill, Crawley, Haywards Heath, Brighton, or anywhere across Sussex or Surrey, you need to invest in cybersecurity in 2023. It will significantly reduce your chances of falling victim to an attack. If your business is ready to take the next step in securing your IT systems, contact the Extech Cloud team today and speak with a cloud specialist.×200.jpg

Back to News & Resources

Related news

    Book a free online consultation

    We love talking to businesses and understanding what they do and what they need. If you'd like to book a short, no obligation consultation, please provide us with your details. We understand that you may already have an IT company, consultant or team, so all contacts are treated as completely confidential. A fresh new IT approach could begin here...

    DD slash MM slash YYYY


    Get answers to common questions here.

    News & Resources

    Get latest updates, downloads and white papers.