Close
If you're on the Internet, you face security risks. You can no longer afford to assume that your business won't be a target because you're not big enough.
While big businesses have the finances and the resources to invest heavily in cyber security, only about 14% of small businesses rate their businesses as highly secure — and hackers know it. As a result, approximately 43% of cyber attacks target small and medium businesses. Almost 60% of Australian companies detected at least one cyber threat in 2016, and those numbers continue to rise — which means you can't let your security slide. These big business takeaways can substantially benefit your business' security.
Five policies for stronger security
Whatever the size of your business, here are five key cyber security lessons you can pick up from the way big businesses manage their information IT.
Security training for employees in your business is critical. Over half of all businesses recognise that they are at risk from within. Accepting fraudulent email, handling passwords carelessly, and using unsecured devices are major causes of breaches. Multi-factor authentication can make break-ins harder and employees need to learn how to use it properly. Good security practices need to become habits, not just textbook knowledge.
Regular audits will help to protect your business. Assessing risks lets you determine what most needs protecting and where vulnerabilities are most likely to be. Audits determine how well these areas are covered. Computer networks change frequently, so it's necessary to make sure protections are up to date. The NIST Cybersecurity Framework provides guidance for auditing a network.
Test your people. Your employees are among the biggest cybersecurity threats to your organisation. Some are actively trying to steal information, but the biggest threat is sheer carelessness. Checking whether people are actually following security practices tells you whether the training was effective or not. Penetration testing can help to determine how secure your network is. Sending test phishing messages to employees will show you who might need a refresher on their training.
Managed services are a great way to keep up with security when your resources are limited. Hiring full-time cybersecurity specialists may not be feasible for your business, but you can still get access to these specialist skills with outside, with a much more cost-effective model. Keeping software up to date is essential for your security. Firewall configuration errors can leave gaping vulnerabilities. A managed services company can stay on top of these issues for you, much better than an overburdened IT manager. They can also monitor your network 24x7 to spot any unusual activity, so you can detect and respond to breaches quickly.
Make sure that all elements of your business are secure. If it's connected to your network, you need to know how it has the potential to impact your security. Mobile devices and cloud services are easy to overlook. Devices on the Internet of Things often have serious vulnerabilities. Partner sites can also open up risks if they're careless with their own security. The infamous Target security breach of 2013 was the result of giving network access too freely to a business partner who didn’t have robust security measures in place. A bring your own device policy can also create risks for your business if it's not carefully managed.
Defence in depth
No single measure is enough to stop all attempts at cybercrime. Employees need to learn to handle spam. It’s always best to have them send spam and suspicious emails to IT, so that filters can be updated and similar messages blocked from reaching other users. But some employees will still make mistakes. Anti-malware software should protect against their mistakes, but it won't catch every hostile executable file. Access control will limit the damage malware can do but not stop it completely. Breach detection will catch what gets through all those lines of defence, as long as it isn't overloaded. Data loss prevention, including offsite backups, helps to recover from ransomware and other attacks. Every defensive measure contributes to the security of the whole network.
It's a lot to deal with. More and more businesses are turning to managed service providers and auditors to help them keep up. Canon's IT Security Essentials Assessment powered by Canon owned IT provider Harbour IT, will help ensure that your business doesn't have any uncomfortable security holes.
At the same time, an organisation has to stay security-conscious and make sure that all its employees are. Some large enterprises set a great example with comprehensive security; others make headlines when their measures fail. Big businesses have dedicated teams to guard against cyber threats, as well as ample financial and technical resources. You can learn from their experience and find ways to apply it to your business.
Is it time to move your printing and document workflows to the cloud?
In this increasingly digital world, you have a world of tools at your fingertips to make better printing decisions, helping you financially, reducing waste and streamlining your processes.
Canon’s uniFLOW print management software can connect with major practice management software
Managing your information security is a complex business. Like any device connected to your network, your printers could be jeopardising your information security if not implemented and managed carefully.
Whether you’re leading a law firm or an alternative legal practice (ALT), blockchain is set to revolutionise the way you do business. You will soon be using it yourself or guiding your clients as they get to grips with it.
AI has shifted from being experimental technology to the mainstream. Here are six areas where AI is impacting the legal industry right now.
To date, the average total cost of a data breach is approximately AUS$2.51 million. That's bad news. And it gets worse: Australia ranks fourth among the 10 countries most affected by data breaches. Be proactive and avoid these common data leaks.
As technology enters classrooms, auditoriums and libraries, it brings new risks to the education sector. All it takes is one click from a student device to potentially compromise your entire network. Faced with these various threats, does the education sector receive a ‘High Distinction’ for its efforts to protect its troves of student and staff data? Recent findings from the inaugural Canon Business Readiness Index on Security suggest not.
In this digital world, data management is a significant responsibility and a data breach is an equally significant risk. Should things go wrong, businesses must take steps to minimise the impact. With the changes to the Privacy Act coming into effect this week, Andrew Giles, Head of Public Relations and Communications for Canon Australia, shares insights on how to preserve trust and maintain strong customer relationships.
There is a lack of clear standards relating to how school records should be secured. As a result, the level of security varies from school to school, and sometimes within an institution itself. What can you do to ensure your school is exercising best practice with your school records?
After years of hype, artificial intelligence is ready to disrupt the workforce – and it’s time for executives across industries to pay attention.
