Mike Foreman, senior vice president at AVG Technologies, says phishing attacks against SMBs are still proving hugely popular.
For instance, his firm's research shows that 56.9 per cent of SMBs have received fraudulent emails asking for money, 36.8 per cent have received fake tax rebate emails and 12.3 per cent have been directed to a fake government web page.
SMB security timeline
Chris Wysopal, co-founder and chief technology officer of application testing company Veracode, sets out a timeline for preparing a small business security strategy.
In the first three months
*Identify the stakeholders needed to articulate & execute your application security strategy.
*Educate your teams on the threat landscape and build an application security training program.
*Identify the portfolio of applications that are critical to your business.
In the next six months
*Assess business risk across your app portfolio.
*Establish security policy to comply with regulatory or customer requirements, and ultimately cover the business critical apps.
*Independently verify the security of the software that you sell, build, purchase and procure.
Clickjacking, which involves tricking people into clicking links directing them to malware installations or fake websites, is another popular form of attack used against SMBs.
"The majority of SMBs are easily tricked into clicking on these links," Foreman adds, "with only 30.5 per cent exercising caution about clicking on links claiming to be HMRC."
SMB threat protection
The biggest problem for SMBs is their size, in terms of the amount they spend on security and the breadth of their in-house knowledge about protecting themselves against cyber attacks.
"The same rules apply for any business. They need to decide which assets are critical, then put policies and solutions in place to protect those assets," says CheckPoint's Greer-King.
"Users also need educating on potential risks and threat vectors, and how their behaviour can mitigate risks. The smaller business has one key advantage here: they have fewer employees to educate."
James Potter-Irwin, a senior consultant at Plan-Net, sums it up best. "If you don't make yourself the easy target, the criminal will most likely look elsewhere for their victim."
-
M&S suspends online sales as 'cyber incident' continuesNews Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
-
Manners cost nothing, unless you’re using ChatGPTOpinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
-
Report: UK’s SME tax-relief schemes exacerbating Golden Triangle growth disparityNews A report from the UK Treasury has called for more targeted support for tech SMEs
-
An end-to-end roadmap for SMB cloud migrationWhitepaper Future-proofing transformation
-
The total economic impact™ of DattoWhitepaper Cost savings and business benefits of using Datto Integrated Solutions
-
The most significant challenges facing SMBs post-pandemicIn-depth We examine the obstacles small and medium businesses face in a post-pandemic world
-
Help to Grow: Government responds to SMB SOSWhitepapers Sample our exclusive Business Briefing content
-
NetSupport DNA 4.5 reviewReviews A prize asset management solution packed with valuable features and priced right for SMBs
-
SMEs to increase digital spending in next six monthsNews A study has revealed 69 per cent of SMEs want to buy new tech and premises to boost productivity
-
Dell PowerEdge R920 reviewReviews Powered by Intel’s latest E7 v2 Xeon processors, the PowerEdge R920 also beats HP alternatives when it comes to storage features
