A businessman holding a padlock protecting business and information data with a virtual network connection A businessman holding a padlock protecting business and information data with a virtual network connection

Top 12 Tips SMEs Can Take to Enhance Cybersecurity

Feb 2022
By Prof. Sally Eaves
Blog Home

#KingstonCognate Introduces Prof. Sally Eaves

Photo of Prof. Sally Eaves

Prof. Sally Eaves is Chair of Cyber Trust and Senior Policy Advisor for the Global Foundation of Cyber Studies and Research. Described as the “torchbearer for ethical tech,” she is the inaugural recipient of the Frontier Technology and Social Impact Award, presented at the United Nations. A chief technology officer by background, and now Professor in Advanced Technologies and a global strategic advisor across emergent technologies, Sally is an award-winning international author, MC, keynote speaker, and thought leader on digital transformation (AI, 5G, cloud, blockchain, cybersecurity, governance, IoT, data science) alongside culture, skills, DEI, sustainability, and social impact.

Sally educates and mentors actively to support the next generation of tech talent and has founded Aspirational Futures to enhance inclusion, diversity, and equality in education and technology, with her latest book on “Tech For Good” set to be released soon. Sally is consistently recognized for global influence in the technology space by leading bodies such as Onalytica, appearing in the top 10 worldwide across multiple disciplines from AI to 5G to sustainability and beyond.

Cybersecurity should be high on the agenda for all businesses in 2022. In some small and medium enterprises (SMEs), security can be seen as an afterthought or they may not have the resources or skillset in house. It's important to protect your business now and in the future. In the last article How to Close the Security Gap for Small and Medium-Size Enterprises, we talked about the challenges that SMEs face. Here, Prof. Sally Eaves shares her top 12 cybersecurity tips to help them and their employees:

Tip #1 - Keep software up to date

DataTraveler Vault Privacy 3.0 with a blue illustration of 2 gears behind it and network lines on a black background

Software providers release updates for a myriad of reasons including enhanced functionality, bug fixes, and security patches. Ensure your software is continually updated to the latest version as and when it becomes available.

Tip #2 - Automate your security compliance

With over 1,000 different laws impacting cybersecurity, privacy, and governance globally today – and growing – this can create a complexity challenge. Deploy automation wherever possible to better visualize, manage, measure, and ultimately solidify your compliance end to end.

Tip #3 - Outdated hardware, upgrade when needed

There is no need to always follow the latest leading-edge technology innovation, but you must at least keep up to date with your software upgrades. With software developers realizing the risk of software vulnerabilities, they offer a periodic update. However, these new updates might not be compatible with the hardware of the device. This is what leads to outdated hardware, when the hardware isn’t advanced enough to run the latest software versions – avoid creating this risk.

Tip #4 - Keep your data safe, always have a backup plan

Keeping data safe is critical especially the data that exists locally with your employees. Encrypted USBs can be very effective here, helping ensure that sensitive data can be stored and transferred as securely as possible. Secure data backups are essential for any small and medium enterprise. Remember, malicious threats and hackers don’t always want to steal your data, but sometimes use ransomware where the end goal is to encrypt or erase it. Data recovery resilience is key.

Tip #5 - Use a VPN

Utilizing a VPN for your internet access protects your private information, even from your ISP. Software VPNs are widely used today, and with very good reason.

Tip #6 - Disable Bluetooth

With so many applications utilizing this connectivity protocol, Bluetooth devices can and do get hacked regularly, and are often linked to phishing messages enticing you to “click here” – don’t do it!

Tip #7 - Don’t click without thinking

Malicious links can do damage in several ways. It is important to train your employees on how to identify such links. Be sure to inspect links and ensure they are from known trusted senders before clicking.

Tip #8 - Secure your mobile device

It’s not just your office (or home) desktop that needs to be secured. It’s important to get into the habit of securing your mobile device as well. Use strong two-factor authentication passwords and biometric features.

Tip #9 - Social engineering

When hackers cannot find a security vulnerability, they’ll attack in other ways. Enter “social engineering.” This type of attack focuses on the mindset and concerns of the user, rather than on the device, to gain access to systems and information. Delete any request for personal information or passwords. Nobody should be contacting you for your personal information. Always be mindful of risks.

Tip #10 - Have a plan for dealing with breaches

It’s “not an if but when” scenario and with the ever-expanding cybersecurity threat landscape it can be difficult to always stay ahead of malicious attacks that are evolving in sophistication too. Have a plan that deals with “after-the-fact” breaches and practice/test your response regularly.

Tip #11 - Educate your employees

The people factor is one of the biggest risks in cybersecurity, and with social engineering, phishing, and ransomware attacks now a day-to-day occurrence, educate yourself, your family, and your team on the topic of cybersecurity regularly – and stay diligent too! And from SME right through to Enterprise there are fantastic and often free resources available to help you do just that.

Tip #12 - Collaboration is the antithesis of ecosystem fragmentation

We need technology, governance, compliance, legislation, education, and insurance to come together to negate security risks. Explore opportunities to share your knowledge, best practice suggestions and “get involved.” Everyone benefits from such a co-creative and open approach to security sharing.

Data breaches, hacking, and the human element are continuous reminders of threats and risks worldwide. The costs associated with a data breach and the unfortunate exposures can be significant. It’s important to implement the top tips to help secure your business now and for the future.

Working with the right technology partner to achieve your security goals is key. Kingston Technology is a long-established and trusted leader in the encrypted USB drive space and can offer bespoke support on the benefits and alignment to your business needs. Kingston Technology offers the "Ask an Expert" service to help provide tailored advice on the benefits to your specific storage environment and needs.

#KingstonIsWithYou

Was this helpful?

Kingston’s Ask an Expert icon on a circuit board chipset

Ask an Expert

Planning the right solution requires an understanding of your project's security goals. Let Kingston's experts guide you.

Ask an Expert
Blog Home