Q&A: How small businesses can guard against cyber threats

The more interconnected the world becomes, the greater the risk posed by weaknesses in devices or networks.

According to Simon Bryden, consulting system engineer of cyber security firm Fortinet, it's not just preventing breaches that's important for businesses - it's knowing what to do once there is a breach, which most businesses overlook.

Bryden spoke to Fin24 about the importance of adequate cyber security at the company's international media conference held last week in Sophia Antipolis, France.

Fin24: Do consumers and small businesses understand the extent of security threats? How can they be made more aware?

Simon Bryden: For the most part, our customers understand risk. Most know there are risks and that they need to invest in security.

There is a big drive towards security management, especially in enterprises. These enterprises need a security partner who understands risk, and can best advise them and provide them with the level of protection they need. It is more tricky if enterprises do it themselves.

For example, enterprises need to quantify the risks and understand how to allocate their budgets to address them. This is where a security management partner can help.

Are there some basic pitfalls that small businesses often overlook when it comes to security?

There are some pitfalls. For example, they rely on boundary protection – where they protect everything from the outside.

But apart from these barriers, they need to ensure that if a cyber attacker gains access to the network, it’s not an "open bar" for attackers to cause more damage. They need more barriers within their networks.

Put in place solutions – assume that you will be breached, and when you do get breached, you need to make sure that you are made aware of it as soon as possible to take further action.

What's the best starting point for a small business with limited resources to protect themselves?

Small businesses without the necessary in-house skills need to find a managing security partner – that's the most efficient way of getting protection.

Secondly, they should make sure their staff are trained. This may even be more cost-effective than getting a managing security partner.

What's the best way to approach innovation, while maintaining security measures?

When we use artificial intelligence to improve products, there's a risk that attackers can use innovation to get a foothold in networks.  

It's a double-edged sword – we can't stop attacks from happening, but we can be proactive and predict potential vulnerabilities. That way we can help consumers better understand the need to have protection.

What's the most important thing organisations should focus on when to comes to managing cyber threats?

Train staff to make sure they are aware of potential security threats.

And work with partners to figure out the best solutions for the risks to the organisation. It's important to understand the risks to the organisation, and understand the best security approach to manage these risks - especially for small and medium sized businesses without inhouse skills.

They can't turn away from the problem. They need to face it and find partners to help out, and put the best solution in place.

* Sign up to Fin24's top news in your inbox: SUBSCRIBE TO FIN24 NEWSLETTER