Small and medium-sized businesses are a major target for cybercriminals, says Stephen J.J., who has worked with cybercriminals. Steven J.J. Weisman, expert in fraude, identiteitsdiefstal en cyberbeveiliging.

The recent situation with Kovid-19 and the current crisis have changed the behaviour of the companies and forced them to restructure their daily activities in line with the current reality. Most companies have switched to teleworking and now rely on technology and digital tools to help them adapt. But although digitisation is innovative and useful, it is not cheap. The more sophisticated it is, the greater the risk of a cyber attack.

An example of hackers using COVID 19 messages in cyber attacks placed on Twitter by Scamicide.

Con du jour – 28. April 2020 – Text message Phony Coronavirus

– Scamicide [dot] com (@Scamicide) 27. April 2020.

10 Cybersecurity measures recommended by experts and entrepreneurs for SMEs Main cybersecurity measures recommended by experts and entrepreneurs for SMEs

When we (Techlurn) emailed more than 60 cyber security experts, owners of small and medium sized enterprises (SMEs) were invited to share their experiences and tactics to protect their business from the increasing number of cyber attacks in the post-COVID era. The results are quite amazing, and in the end they all have a common strategy to close the doors to pirates and intruders so they can sneak in.

Although the question is quite simple, two of them read as follows:

Question number one: What are the main cyber security measures that small and medium-sized enterprises should focus on in order to counter the increasing number of cyber attacks according to COVID-19?

Question number two: What are the best practices for teleworking / homeworking to ensure privacy and cyber security?

And we asked them to share their preferred strategies and practices they are currently implementing and any experiences they might have.

Below are the expert answers to the above questions about protecting privacy and maximising cyber security:.

Steven JJ Weisman Steven JJ Weisman

Lawyer, university professor of white-collar crime at Bentley University and founder of

Question number one: What are the main cyber security measures that small and medium-sized enterprises should focus on in order to counter the increasing number of cyber attacks according to COVID-19?

Answer me this: Since most hacking and data leaks start with secret service emails that lure employees to links and download malicious programs, such as ransom programs or keyloggers, preparing employees to receive phishing emails is CAUTION.  It is important to have good security software that is regularly updated, but the best security software will always be at least one month behind the last zero-day defects, which are software vulnerabilities that have not been discovered before.  The use of strong passwords, security issues and two-factor authentication is just as important as encryption and daily backup of all data to prevent ransom problems.

Question number two: What are the best practices for teleworking / homeworking to ensure privacy and cyber security?

Answer me this: Homeworkers should use company-approved security software and preferably use a company laptop instead of their own computer.  You must also use a virtual private network (VPN) and two-factor authentication.  They must also be aware of the threat posed by the phishing and spear culture.

Lumena Mukherje Lumena Mukherje

Cybersecurity consultant and regular columnist InfoSec insights.

Question number one: What are the main cyber security measures that small and medium-sized enterprises should focus on in order to counter the increasing number of cyber attacks according to COVID-19?

Answer me this: Backup to third party platforms, because despite our efforts no system can be 100% secure, and a backup can be your most effective plan in the event of a successful infringement.

Invest in the right technology and implement the right network security solutions. Allow connections to the corporate network only via the corporate VPN that uses multi-factor authentication. With a tight security budget, considering equally good open source solutions is also an option for small businesses. In addition, endpoint security is particularly important because most employees have a remote connection.

Install regular updates for all software, including the operating system. In some organizations, incremental updates are installed on connected devices to prevent failures due to unstable versions. At the same time, it is very important to address all security breaches without delay. Train and teach your employees the best security methods through mandatory workshops, because security is a shared responsibility and even an intern can unknowingly cause data loss. Phishing attacks and COVID attacks related to social engineering are on the rise: 94% of malware is distributed via email. Training staff in identifying and responding to security threats reduces the risk of hacker attacks.

Question number two: What are the best practices for teleworking / homeworking to ensure privacy and cyber security?

Answer me this: Change the default or easily guessed passwords on all your network devices (e.g. routers) and accounts (email, other work platforms, etc.) Use unique passwords for all accounts (no passwords) and allow multi-factor authentication (avoid SMS as one of the factors). Use a password manager, because that’s much better than reusing passwords from multiple accounts.

Don’t forget to protect your data, because most companies and their customers are very sensitive. When working from home, simple measures such as blocking the screen at the beginning, turning off or disabling voice assistants during meetings, etc. can reduce the risk of accidentally transmitting business data.

Jacob Moran Jacob Moran,

Computer trainer at CBT Nuggets.

Question number one: What are the main cyber security measures that small and medium-sized enterprises should focus on in order to counter the increasing number of cyber attacks according to COVID-19?

Answer me this: First of all, it is important to understand that many of these new threats use fear to provide free information or solutions for tracking VIDOCs, but they also include Trojans and blackmail. These solutions may look like valid Agency documents, but they contain malicious macros. Others – in the form of toolbars/additions for browsers or complete applications for mobile devices. An increasing number of emails contain links to websites that falsify reliable medical or news information. Prevention starts with a modern firewall and intrusion detection tools to prevent compromised systems from malicious use of the network. However, the first step in preventing intrusion is to reduce or remove the privileges of local administrators to install software on company equipment and perform an attitude assessment of all systems with access to the company network.

Question number two: What are the best practices for teleworking / homeworking to ensure privacy and cyber security?

Answer me this: The first step for security administrators is to have a clear policy on how and which data can be stored on the external device, and to limit it as much as possible. The policy should define the types of secure access (such as VPNs) that employees should connect to corporate networks and ensure that all access is through these secure channels. The guidelines should also indicate whether and what types of software or documents from Internet sources, such as e-mail, can be downloaded or opened as attachments. EMPLOYEES MUST then be made aware of these guidelines, with a clear understanding of the enormous value the company could gain if they are not followed correctly.

Michael Hammelburger Michael Hammelburger,

The CEO of the Expenditure Reduction Group shared his experiences with us.

The increase in cyber attacks is very worrying for me and my organization. We have seen many cases of hackers trying to hack into our systems and accounts during this pandemic. We’ve seen an increase in real estate-related phishing scams. Most crooks take advantage of these times when people are vulnerable and depressed. For example, they send emails to homebuyers representing them as the so-called real estate agent or, even worse, a legal representative, asking the unsuspecting reader to immediately transfer money to reserve the property or close the deal.

By implementing a cybersecurity program within our organization that includes hardware and software security, workforce management and behavioral support, we have been able to reduce the impact of cyberattacks that would cost us thousands of dollars in theft and identity loss. It is standard practice for our human resources, our IT department and our Executive Committee to review this policy to prevent any attempt to infiltrate our system. Employees play an important role in disseminating policy information to ensure policy compliance throughout the organisation. We also hired a company that can demonstrate the chain of cyber killers to prevent attacks at any time.

Highlights from interviews with more than 60 security experts and SME owners:

Good practices to prevent data breaches for homeworkers

1. Business infrastructure security:

While many believe that advanced and reliable tools are the best defense against cyber attacks, the fundamentals of cybersecurity are often the most effective. Advanced threat protection, protection against malware, scanning of external vulnerabilities, etc. are always useful and necessary, but in many cases it is the lack of more basic protection that leads to compromises. Our response team is constantly identifying signs of compromise, and often the effective use of basic cyber security techniques could have prevented the attacks, said Christopher Gerg, CISO and vice president of Tetra Defense, a digital forensic lab and incident response company.

Accept the cloud collaboration platform To help employees avoid inappropriate collaboration methods, offer them a collaboration tool you allow. Tools such as Google Drive, Box, Citrix ShareFile, Microsoft SharePoint, Microsoft OneDrive, etc. can help employees be more productive while providing adequate protection and policy control to stay safe.

2. Relevance of software and business applications:

Companies should pay special attention to the safety of their employees’ devices by centralizing the provision of regular security updates and giving recommendations for the installation of personal devices and updating the security system, said Ivan Kot.

Allows remote correction and monitoring of the policy. If users work from home, make sure their systems can communicate securely with your company’s infrastructure to receive the latest policies, patches and updates. It only takes one device that hasn’t been repaired to break into your network, says Daniel Martin, vCISO of Veristor, an IT solutions provider.

3. Access control and monitoring:

Managing and monitoring employees remotely, including managing cybersecurity risks Creating and enforcing policies to control access to the network and resources will help protect valuable business and customer data from cybercriminals, said Harvey Yan, Senior Technician at Digiguard.

With all the necessary resources, managed access and controlled activities, companies will identify risks and protect critical assets.

4. User Accounting:

It’s time to wipe out all inactive accounts. Disable the accounts of former employees or contractors and ensure that your current users are assigned roles with as few rights as possible to perform their tasks.

5. Cyber Security Training:

Yeah, almost everyone we talked to agreed and suggested: Companies should strive to provide their employees with RELIABLE students and cyber-secretaries.

To eliminate potential risks, managers must adopt a systematic approach to business transformation and security, including training employees to prevent internal threats, says Maria Saigatova of Blast Sourcing.

6. Beware of BYOD policy:

especially in the scenario you’re sacrificing (BYOD). Limit ransom software by limiting local storage on devices, backing up your data regularly, and pre-encrypting your data before it is run by a threat agent to prevent you from accessing your data in critical situations.

7. Enabling secure communication methods:

All personal information should be sent in secure chat rooms or via commercial communication platforms, but never via social networks. The amount of information that can be extracted from the messengers that people use every day is frightening.

8. Implementation of periodic support:

One of the most important cyber security measures that small and medium-sized enterprises should focus on is data protection. Especially with such a deployment of external workplaces, more and more employees have their brand laptop at home. This is especially important at a time when buy-back programs are destroying entire departments, says Randolph Morris, founder of BIT Developers.

We also interviewed many IT professionals who work from home: What if your hard drive crashes now? More than 80% of the respondents said that these were the most critical and worst cases that could not be played with any justification. Unfortunately, only a few of them reported that they had backups and synchronization from external servers.

9. Strong passwords and two-factor authentication

Due to the global shift towards remote activities, SMEs have had to review their cyber security strategies and make endpoint protection an important aspect of corporate cyber security. Because employees have remote access to corporate resources, cyber security teams must enforce user authentication and access policies and implement additional verification measures (two-factor authentication) to prevent unauthorized intrusion. Ivan Kot, Senior Director of Itransition, agrees.

10. VPN Usage:

Internet connections are the least secure networks that can allow hackers to destroy your entire office network.

For those who work from home, the best way to ensure the loss of sensitive data and cyber security is to use a VPN. Organizations need to provide secure VPN access to their home workers at remote locations to protect the transmission of sensitive data, said Mark Rapley, director of KWIC Internet.

Last words:

Covid-19 rebuilds the infrastructure of companies and forces people to adapt, while hackers focus on this massive dependence on digitization. Companies that intend to focus on the working model for the spine will spend their time, effort and especially money on this. It is crucial to respond to this situation and begin a transformation to define a new way of doing business, with a focus on security measures and RESISTANCE OF EMPLOYMENT. A pandemic is not really a curse, but an opportunity to create a new business model and introduce sustainable and secure business processes and procedures.

Thank you for reading it. Tell us what you think in the comments. Follow us on the social networks for regular updates.

it security best practices checklist,cyber security best practices 2020,small business cyber security plan,best practices in security management,cyber security practice games,security practices definition,small business cyber security checklist,small business cyber security solutions,small business cyber security statistics,small business cyber security consulting,small business cyber security plan template,cyber security threats for small businesses,importance of cyber security in business,mastercard cybersecurity toolkit,cyber security entrepreneurs,business security tech,email security for small business,solutions for cyber security,internal website security for small business,cyber security advice for small businesses,cyber security best practices 2019,cybersecurity and small business

You May Also Like

Salesforce Updates to Improve Employee Engagement was originally conceived as a series of new and existing Salesforce…

What Are Model Train Car Cards?

In the world of model railways, the waybill procedure has become very…

Root OnePlus Nord (Avicii) and Install TWRP Recovery 3.4.0

If you own OnePlus Nord 5G (avicii) AC2001, AC2003 and want to…

GBWhatsapp APK Download Latest Version V16.29 (Anti-Ban)

GBWhatsApp GBWhatsApp is the nine-modified version of the offiziellen WhatsApp. If you…