In fact, online security firm Symantec reports that 43 per cent of cyber-attacks target them.Breaches in cyber security are costly. A recent study shows the average is around $3.6 million per breach. But that’s just the immediate financial impact, a breach can harm a company through loss of trust and long-term reputation – issues likely to affect your brand and revenue. So how do SME businesses, who have limited budget and resources, protect themselves? Here are some top tips to improve protection on a budget.
PrioritiseDecide which company assets are the most valuable and create a plan to protect them. As the primary users of company data, accounting and finance professionals have the greatest insights into where an organisation’s high-value data is stored and who has access. With expertise in risk management, accountants are also well-placed to guide businesses on ways to look after that data.
Review your culture and policiesAs stewards of their organisations, familiar with risk and control processes, accountants can play a key role in developing a company-wide culture that supports cyber security by leading and participating in the development of key policies such as data classification, incident response plans, data retention and acceptable use.
Update softwareTech companies like Microsoft or Apple are constantly releasing software updates, commonly referred to as patches, to cover vulnerabilities that could let hackers in.
Don’t ignore these. Unpatched vulnerabilities allow hackers to install malware and ransomware, or even gain control.
Encrypt everythingIf hackers get in, ensure everything they see is indecipherable. Encrypt all hard drives, databases and data in transit by using up-to-date algorithms.
Use a cyber security frameworkThis is really important for you, your customers and your partner organisations. When your organisation develops a relationship with another, data is usually generated. If this data isn’t secured, it could offer hackers a way into your organisation and your partner’s business. In fact, before committing to a relationship, many larger organisations will want to understand how you mitigate and respond to cybersecurity risk (and protect them in the process). Look further afield for inspiration as well. The American Institute of Certified Public Accountants (AICPA) has a handy cybersecurity framework to help you communicate, externally and internally, about how your business is managing this risk. The framework has been created to allow businesses of all sizes to address cybersecurity in an agile way that suits their organisation and needs. Taking a realistic and responsible approach to cybersecurity is key to a businesses’ sustainable success. To learn more visit the cybersecurity resource centre from the Association of International Certified Professional Accountants. Andrew Harding is chief executive of the Chartered Institute of Management Accountants.
Share this story