Twitter Chat: Security risks SMBs face

Authors

.

Learning basics of IT-Security and Cyber-Security

.


On Monday, June 9th there will be #cyberSAFEchat who will explore the security risks SMBs face during every phase of growth and learn how to best protect against these threats. The hour-long Twitter chat will address the following key questions:

  • Q1: What security risks do SMBs need to consider when starting a business and why?
  • Q2: How do these risks change as the business grows and why?
  • Q3: How can lapses in security impact a SMB?
  • Q4: What tools and tips would you recommend that SMBs use to secure themselves, their employees and their customers?

I got invited through Twitter by @CSID:

.

Twitter Chat SMB and CyberSecurity

.

After long reflection I decided to create a blog about my advice as I think that it would be very difficult to answer these questions by Tweets. There are TOO MANY links and information, as well as advice to share that in the mass of shared Tweets they would get lost😉 This allows me then in the Tweet on the Chat to post ONLY one link, the link to this blog, where ALL the necessary information are included and I could concentrate on the other Tweets much more easy! So here we go:

.

Q1: What security risks do SMBs need to consider when starting a business and why?

programmerman-animatedWell, first of all SMBs don’t have to forget that they deal with employees and that THE weakest link in the security chain is the human!

.

Please check my following blog posts who explain in detail:

.

As nearly everyone is using a smartphone today so there is ALSO a MUST to consider a “BYOD-Policy” (Bring Your Own Device) as the use of smartphones could be a BIG security risk to the SMB’s as MOST employees don’t have any knowledge about the basics of Cyber-Security, even that there smartphones and/or tablets, laptops could be infected with virus, trojans, keylogger

Please read my blog post about BYOD below:

.

Another risk to consider is the webpage of the SMBs! A webpage can be a very BIG risk when it is compromised and it would infect the computers and BYOD stuff from visitors (employees, customers and other…)!

.

And didn’t WE forget something!? YES, WE MUST consider ALSO so called “Third Party Applications” as bugs in programming code of software are ALWAYS inevitable! Nobody is perfect! If that would be the case, ALL programs would STILL be on version 1.0😉 Right? Got it? Check ALSO, please:

.

As a reminder: What are SMBs?


Q2: How do these risks change as the business grows and why?

.

greatest security threat to organizations

Image credit ===>  http://www.tripwire.com/state-of-security/security-awareness/security-its-us-vs-them-or-is-it/ <===

.


Q3: How can lapses in security impact a SMB?

1ibdy1vf6wghd-n05dgl-aigainformation1As already mentioned above in Q1, once the website (webpage) is infected then any visitors, employees and customers included could get infected by the simple visit of that website. it is called “Drive-by download“! WE MUST also consider “Data-Breaches” where ALL the information of the customers and employees would get exposed on the internet! All of the above mentioned will NOT be a funny situation as it brings a BAD reputation to the SMBs, possible legal actions against them and a loss of customers, even perhaps a bankruptcy…

.

drive-by-download

Image credit:

===> http://www.microsoft.com/security/sir/glossary/drive-by-download-sites.aspx <===

.

Related articles:

.


Q4: What tools and tips would you recommend that SMBs use to secure themselves, their employees and their customers?

sharing-iconFirst of all: I recommend to train the employees about Cyber-Security and the risks that the SMBs encounter through involuntary actions from their employees (ignorance) and/or their BYOD stuff! This training should include, see my following blog posts, please:

There is one word which any SMB MUST remember ===> Proactive THINKing <===, anything is changing that quick that nobody could act mostly in time!

Learn more about ProactiveTHINKing:

.

Concerning tools, WE should consider different ones:

  • Webpage security
  • BYOD
  • Server Security

Here a non exhaustive list of a variety of tools:

Described in one word, I would say that WE ALL, SMBs and any user SHOULD get used to a ===> Cyber-Hygiene!!! <===, read my blog about, please:

.

CS_Infographic_SMB2014_FINALweb3

 

Infographic credit ===> http://www.csid.com/2014/06/cybersafe-webinar-series-recap-smb-security-for-every-phase-of-growth/ <===

.

Useful links and providers of Cyber-Security solutions:

 

This blog will get updated after the chat tonight, where I will include the transcript as any other useful information…


The Transcript From The Chat Tonight

So, as any GOOD Twitter Chat makes a “Transcript”, this one made one ALSO, which YOU can find below.

.

#cyberSAFEchat transcript

Please check the whole transcript here ===> https://storify.com/CSID/cybersafechat-smb-security-through-all-stages-of?utm_campaign=&utm_medium=sfy.co-twitter&utm_content=storify-pingback&utm_source=direct-sfy.co&awesm=sfy.co_jkFv <===

 


Final word

chat iconA security by 100% doesn’t exist and probably NEVER will exist (I am sure about THAT!) , remind the human behavior…, and ALSO  the bugs in programming code of software!

There is one word which any SMB MUST remember ===> Proactive THINKing <===, anything is changing that quick that nobody could act mostly in time!

Related articles:

Stay informed about what is happening on a daily base about Cyber-Security to get prepared for the UNKNOWN! It’s the letter “I” in “ICT“, which means “Information“! Once NEW information gathered which isn’t known YET by the employees, then comes the letter “C“, which means “Communication“! Inform YOUR employees and ICT-Staff as soon as possible, remember that in the “Security Chainanyone MUST be strong!

===> THE MOST IMPORTANT when making training is to NOT use TOO MUCH technology words so that the employees might be able to UNDERSTAND! <===

Read my curation:

.

Keywords for this post: CASES, my articles, CyberSecurity, BYOD, Privacy, Awareness, Training, CyberHygiene, Policies, Reflexes each week, reminding reflexes, human behavior, weakness, security chain and human, Naivety, HowTo ideas, Government help, FREE courses from Government, PHISHING, Spear-Phishing,

.

Stay tuned for next blog posts, some are already in preparation😉

.

3 Comments

Comments RSS

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s