The way we conduct business has quickly changed around the world as organisations try to offset and overcome the disruption caused by the COVID-19 pandemic. While businesses have consistently had to adapt to change in the past, the pandemic has significantly accelerated the pace of change.
In just six months, businesses have had to find, and develop, new revenue streams while navigating ways of doing work alongside ensuring health and safety practices. This led to a massive shift towards a remote workforce, a circumstance which many businesses were not ready for.
This sudden move towards digital has meant that a number of risks have been introduced into the cybersecurity ecosystems of organisations, particularly for small and medium-sized enterprises (SMEs) in Nigeria.
Deloitte’s 2020 Cyber Security Outlook predicted that this year would see constant fluctuations within Nigeria’s cyberspace, giving 2020 the nomenclature of the “Year of Shifts”. The report noted that cyberattacks would shift their targets from large corporations towards SMEs who might seem like unlikely targets as they do not possess the significant amount of resources to warrant an attack.
However, this estimation was made at the start of this year, before we saw the widespread impact of the pandemic. These attacks could be exacerbated by the challenges we are faced with today. Therefore, it is imperative that Nigerian SME’s become proactive in prioritising cybersecurity now.
Increased connectivity grows vulnerabilities
We have long been travelling towards the future of a hyper-connected world. But, as connectivity increases so does the number of openings that cybercriminals will be able to exploit.
Most employees, many of whom are working remotely for the first time, are experimenting with ways to stay in touch with colleagues whether it be through chat applications or online VoIP platforms.
The quick shift to interconnectedness has meant that these vulnerabilities were introduced into business processes all at once. Due to the need for remote work, in a time where SMEshave had to ensure connectivity unexpectedly and sometimes with little to no preparation, cybercriminals will have new opportunities to take advantage of underprepared businesses.
Organisations using cloud-based infrastructure, or the Internet of Things, will be exposed to more sophisticated attacks at higher rates. Additionally, employees might not be able to identify potential cyber threats while dealing with the stresses and distractions of the pandemic environment.
The changes businesses have implemented to tackle current difficulties are not temporary however, they are transformingthe way we do business now and will continue to do so in the future. SMEs that are able to handle the challenges thrown their way will need to continue to leverage technology to address the new normal.
Therefore, the ability to enforce clear, dependable and trustworthy cybersecurity policies and systems is vital to ensuring a business has the capabilities to deal with increasingly sophisticated cyberattacks quickly and effectively.
Robust, reliable cybersecurity measures are key
The cybersecurity of a business is still largely dependent on people. They are often its biggest vulnerability. In a remote world, this vulnerability has more exposure to risk as a business has less ability to control each employee’s environment.
Workers have access to company data, information and networks that are being access through a wider range of internet connections and a number of devices.
SMEs should be creating cybersecurity procedures and guides that employees are able to understand and follow. This includes training or awareness campaigns that educate workers on how to identify possible threats and what to do when they have as well as integrating digital structures that prevent hackers from accessing private information or networks such as multi-factor authentication.
Platforms from Microsoft like Windows Hello biometrics and smartphone authenticators like Microsoft Authenticator can be used to implement stronger authentication systems that help identify when someone is trying to access anything illegally.
With remote work also comes the need for increased digital communication. When the collaborative tools businesses are using to do so are not secure, they are leaving a door open for anyone to come through. Making use of collaborative tools with built-in security features, such as Microsoft Teams, can help to remove this vulnerability.
An imperative for SMEs when it comes to cybersecurity is securing cloud applications. Not all the devices employees use to connect to business data are secure and therefore it is advisable to use platforms like Conditional Access to secure access to cloud application processes.
As most small businesses are implementing work from home policies, there’s little doubt that cybercriminals will use any opening they can find and exploit to take advantage of the current situation. Implementing best practice cybersecurity tools and procedures will help SMEs guard against these growing threats and thwart cybercriminals in their tracks.
… Banuso is the Country Manager, Microsoft Nigeria.