Cyberattacks are becoming an increasing risk for SMB owners. Unfortunately, the majority think they are immune to these attacks and continue using free cybersecurity software. It’s only when it becomes too late, and when the company is already victimized by a cyber-criminal, do they realize how impactful it would have been to have proper cybersecurity practices. Furthermore, SMBs shouldn’t consider themselves invulnerable to attacks just because of having necessary cybersecurity measures. It is vital to also have a well-developed and tested disaster recovery plan in place.
Related discussion
The article, “SMBs aren’t doing enough to protect themselves from cyberattacks” by Anthony Spadafora, perfectly explains how many SMB owners are actually at a significant risk of cyberattacks. Spadafora speaks about BullGuard, a cybersecurity company, and how they have, “surveyed 3,083 small business owners in the UK and US to learn that one third of companies with 50 or fewer employees are using free, consumer-grade cybersecurity products while one in five companies use no endpoint security software whatsoever.” Due to restrained financial positions, most SMBs place the priority of their budget on things such as product development rather than cybersecurity.
Putting myths to rest
Spadafora even discusses some myths that business owners mistakenly believe in. He states that from the survey taken, “almost 60 percent of SMB owners believe their business is unlikely to be targeted by cybercriminals. However, the results of BullGuard’s survey show that 18.5 percent of SMB owners have suffered from a cyberattack or data breach within the past year.” These owners have such high confidence in their cybersecurity measures only because they have not encountered a cyber attack yet. It’s only a matter of time before a cyber-criminal takes advantage of such weak network security, causing the company to become crippled
Some tips for SMBs to stay safe
Here’s some guidelines to ensure your company’s safety:
- 24/7/365 network monitoring
- Implement daily backups on a disconnected system
- Track all admin credentials
- Multi-factor authentication
- Software patching
- Email filtering and monitoring DNA
Smoke testing is a term used to describe the testing process for servers after patches are applied. 
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.