SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Kiwi businesses urged to double down on cybersecurity
Mon, 23rd Mar 2020
FYI, this story is more than a year old

Small businesses must remain vigilant in their security efforts if they are to successfully adapt to the new business environment created by the coronavirus pandemic.

That's according to MYOB, which says small and medium businesses (SMBs) must consider cybersecurity as a key risk in the coming months.

Local businesses need clear guidelines that help them manage economic unrest, says MYOB New Zealand country manager Ingrid Cronin-Knight.

“As we've watched countries across Europe effectively lock down their economies, it is becoming increasingly clear that businesses will be looking for ways to keep their operations running, and we should be providing support to enable them to do so,” she comments.

She believes that most SMBs won't have faced this kind of business disruption before – and while technology can help to connect businesses, many won't be able to implement major technology changes quickly or safely.

MYOB points to its recent MYOB Business Monitor Survey, which polled 1000 small businesses in New Zealand. According to the poll, 29% of businesses have been breached due to malware, scams, ransomware attacks, or phishing attempts.

Cronin-Knight says that cybercriminals will seek to exploit more businesses that are moving online, particularly as those businesses move to remote working.

MYOB says that there are several ways businesses can protect themselves.

The first action is to ensure that routers and telecommunications equipment doesn't use the default passwords – typically usernames and passwords can be as simple as ‘admin' for both, putting routers at risk.

Businesses should also ensure that all software is up to date with the latest security upgrades and patches, and they should deploy strong endpoint protection such as antivirus and anti-malware software. This software should be kept up-to-date at all times.

Furthermore, businesses should also install firewalls on home services, enable password protection tools such as two-factor-authentication (2FA), and to educate all home users about security threats such as malware, phishing, and scams.

Businesses should also back up key systems and data regularly so that it is easy to restore after a cyber incident.

All staff should be informed about incident response procedures, because they do apply to remote working as well as in the office.

It's also important to use a virtual private network (VPN) when connecting to business systems via public Wi-Fi services, MYOB adds.

“We urge businesses to consider the key security and continuity risks they may face in managing a rapid transition to a work from home operation,” concludes Cronin-Knight.