SME Cyber Security Insights
The National Cyber Security Centre (formerly NZ Cert) sheds light on the cyber security practices of small and medium-sized enterprises (SMEs) in New Zealand.
These insights are crucial, especially given the evolving threat landscape. Here are some key takeaways:
1. Link and Attachment Verification: SMEs are becoming more vigilant. The most prepared SMEs are becoming more vigilant and are training their staff to verify links and attachments within emails or text messages, which is a great practice to prevent falling victim to phishing attacks or malware.
2. Software Updates: Keeping software up to date is essential. The report is encourgaing as it emphasises that SMEs are promptly updating their software applications to the latest versions after receiving notifications. This proactive approach helps protect against vulnerabilities and exploits.
3. Data Collection: Cyber-aware SMEs recognise the importance of data privacy. They limit data collection to what’s necessary, avoiding unnecessary exposure of customer information.
4. Email Filters and Authentication: Email security matters. SMEs use email filters to block malicious content, but they must also implement two-factor or multi-factor authentication for their main accounts. These measures enhance overall security posture.
5. Cybersecurity Software Solutions: Many SMEs are now adopting cybersecurity tools. They use anti-virus software, VPNs, and other solutions to safeguard their digital assets.
6. Password Practices: SMEs are getting smarter about passwords. The best will use different passwords, employ strong ones for critical accounts, and change default password settings on devices.
7. User Access Controls and Backups: Controlling user access and regularly backing up data are part of a well-run SME security strategy. These practices help mitigate risks associated with unauthorized access and data loss.
8. Incident Response Plans: Preparedness is key. SMEs are starting to deveop incident response plans, ensuring they’re ready to handle security incidents effectively.
Remember, cyber threats are ever-evolving, so staying informed and implementing best practices is crucial for all businesses.
If you’d like more details, feel free to explore the full report here