By David Rajoo
In the month of October, the world celebrates Cybersecurity Awareness Month to come together and bring attention to the importance of cybersecurity.
This year marks a significant year for Cybersecurity Awareness Month as it celebrates its 20th anniversary, commemorating two decades of hard work in promoting cyber safety online.
However, that doesn’t mean our efforts should cease there—in fact, with the evolution of our digital landscape, it’s important now for all parties to be vigilant more than ever.
This year’s Cybersecurity Awareness Month theme urges everyone, from individuals to families and even to SMEs, to “Secure Our World” and cultivate a safe place online.
SMEs in particular bear a huge responsibility in this, as they make up 90 per cent of Malaysian businesses, yet they face big risks from being the main targets of data breaches.
In fact, Malaysia took the crown for the frequency of disruptive attacks in the ASEAN region this year, according to Palo Alto Networks’ 2023 State of Cybersecurity Report.
According to the report, SMEs are also less confident in coping with cybersecurity threats compared to larger organisations due to the lack of larger cybersecurity budgets and relatively weaker in-house cybersecurity. In line with the strive to “secure our world”, SMEs must face cybersecurity challenges head-on, implementing measures to take charge of the safety of their organisation.
Palo Alto Networks suggests five tips that SMEs can consider:
A security assessment is akin to a comprehensive health checkup for your organisation’s digital infrastructure. It plays a vital role in identifying potential weaknesses in your cybersecurity defences. Since every organisation is unique in its operations and requirements, a security assessment recognises that each network may have different vulnerabilities and points of weakness, allowing you to tailor your security measures accordingly.
Firewalls with Advanced Security Functions
A firewall or cloud-based network security system can prevent attackers and enable an authentic zero-trust architecture. To defend against invasive attacks, the solution must apply machine learning models to protect against these advanced attacks in real-time.
Strengthening Network Security with Endpoint Security Software
Endpoint security software serves as an important layer of digital guardians of your organisation. It actively protects your servers, computers, and devices, acting as watchful sentinels ready to detect and prevent any suspicious activities or unauthorised access attempts that might threaten your device. Capabilities must include precision AI to detect and protect against sophisticated attacks.
Dedicated Cybersecurity Team
SMEs benefit from having a dedicated cybersecurity team act as digital guardians, either via in-house capabilities or outsourced to cybersecurity specialist firms. This team works to shield critical information, defend against online threats, and ensure business continuity. Having a dedicated team ensures continuous vigilance against cyberattacks, timely incident response, and proactive security measures tailored to the specific needs and vulnerabilities of the organisation.
Investing in employee security awareness training is a key foundation of defence in your digital fortress. It empowers your team with essential skills like crafting strong passwords, recognising phishing emails, and practising safe internet behaviour, making them vigilant gatekeepers of your digital assets.
Cyberattacks can result in detrimental losses for the company, including the loss of revenue, financial theft, and unauthorised access to confidential intel.
Furthermore, data breaches expose a larger crowd of individuals who will be put at risk of identity theft through the leakage of personal information.
These negative consequences highlight the pressing need for SMEs to heighten their cybersecurity measures and start taking steps to establish a proper security system.
Organisations now realise the real issue they face is achieving resiliency by moving from a reactive to a proactive security strategy that aligns your defences to protect against your biggest risk.
To accomplish this, you need to assess and test your security controls, transform your strategy with a threat-informed approach, and respond in record time when faced with a security incident.
Cyber resilient organisations can continue delivering critical services, even when navigating a cybersecurity incident because there is a tactical plan for how to operate in a degraded state. Organisations that have a thorough understanding and dedicated approach to resilience will thrive above competitors when faced with a cybersecurity incident, minimising business disruptions, maintaining customer trust, reducing the remediation timeline, and lowering the overall cost of a breach.
About the author: David Rajoo is the Head of Systems Engineering at Palo Alto Networks. This is an opinion column. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of this publication.