Story image

How to get SMBs to take their cybersecurity seriously

09 Apr 2018

Barracuda is a global provider of cybersecurity solutions that make a concerted effort to analyse and understand the needs of the end-users that they are providing for.

I sat down with Barracuda APJ sales vice president James Forbes-May to discuss how Kiwi partners can begin to bridge the growing security gap with SMBs in New Zealand.

One thing that stands out from our discussion is that when it comes to security, technology is not the only answer.

“The threats are everywhere and so much of it is down to the education of the partner,” Forbes-Mays says.

“We call it creating a human firewall - the users are the biggest threat to any organisation. ‘Click this link. Here’s this purchase order you were expecting.’ Sometimes people are in a rush and it just happens.”

That is why Barracuda is providing training sessions for partners and perhaps, down the line, end-users on how to keep themselves safe from phishing.

When the discussion turns to ways that partners can engage SMBs who may be more reticent when it comes to security, Forbes-May’s frustration clearly comes through.

“It always comes down to how important the SMB thinks their data is,” he says.

“From my history with data protection - for years everyone knows they should have a DR (disaster recovery) policy - what’s the point in backing up your data if you don’t actually try and recover it?

"The smart companies were doing an annual, or every six months DR test. A lot of companies knew they needed to do it, but they didn’t. It’s the strategy of ‘cross the fingers and if we ever need it let’s hope it works’, which is not the best policy.

“I think that comes back to changing times and now companies are starting to realise that customer data is incredibly valuable and we’ve got to protect it.”

Of course, this frustration is somewhat understandable when you consider that across A/NZ over AU$10 million was paid out to ransomers over the last year.

Ironically, as he rails against the issues that face partners when trying to bring proper security measures to SMBs, he gives great advice on how to explain the nature of security to end-users.

‘It is difficult. The challenge is that if the mentality is ‘it’s not going to happen to me’ you can’t force somebody. It comes down to their choice - can they survive if they were to get breached or ransomware-d? Can their business survive? Or can they just afford the US$10k or $500k to get their systems unlocked?

“Once you do it once, they will come back again. That’s something we do see. Once they’ve been hit once, the likelihood of them being a target again increases exponentially. So if they don’t learn from that there isn’t really anything anyone can do.”

Current partners or those seeking to become a partner can reach out to Exclusive Networks to learn more.

Kiwis know security is important, but they're not doing much about it
Only 49% of respondents use antivirus software and even fewer – just 19% -  change their passwords regularly.
Avi Networks: Using visibility to build trust
Visibility, also referred to as observability, is a core tenet of modern application architectures for basic operation, not just for security.
Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.