Why the pandemic has driven Aussie SMEs into new IT territories

Cybersecurity has become a major concern in Australia. According to Check Point’s latest threat intelligence report, the country is the most targeted one for cyberattacks (in APAC) with organisations being attacked on average 283 times per week – as evidenced by the recent cyberattacks on our government and essential services.

While threats exist, the pandemic has also accelerated digital transformation across Australian SMEs and the long-lasting results will be positive if companies can remain safe. Here are a few considerations to help protect SMEs and their IT infrastructure in a post-COVID world.

Challenges of trading online

A sector which has been hugely impacted by the pandemic is retail. The forced closure of stores across the country for an extended time, combined with some people being more reluctant to go in-person shopping, has led to retailers taking a crash course in e-commerce if they didn’t already have an online presence.  

Most retailers have turned to the cloud for their key infrastructure, with Amazon, Azure and Google Cloud being the platforms of choice. However, this brings about various technology challenges.  A recent study by Verizon on data breaches found that attacks against web application servers made up nearly 75 per cent of breached assets in the past year, up from roughly 50 per cent in 2017.  What’s more, most retail breach attempts occur in cloud environments.

According to our recent 2020 Cloud Security Report, 82 per cent of respondents said their traditional security solutions either don’t work at all, or only provide limited functions in cloud environments. This percentage is up from 66 per cent in 2019 and highlights a growing gap over the past 12 months.

Here are some tips on how SMEs in the retail sector can stay safe in the cloud:

  • Consider a shared responsibility model for cloud security – trust your infrastructure provider to secure their cloud services, while you own the responsibility of correctly configuring resources;  
  • Automate security protocols – any manual configuration means your application is inherently vulnerable;
  • Look for cloud-native security solutions – by choosing the right service, you eliminate the risk being rendered obsolete from the first update;
  • Consider a cloud security management solution: by leveraging a tool that performs automated checks, you will minimise your vulnerabilities.

New normal: remote working

COVID-19 has also affected ways of working for all SMEs – mainly with the imposition of remote working and online collaboration. Over time, in a post-pandemic world, some companies may benefit from adopting mixed models, combining in-office and home office as cost-effective solutions. Shifting to accommodate a remote workforce is no easy feat. However, organisations need to revisit and adapt their security plans to ensure that their businesses are safe in the new normal.

Here are two key principles businesses owners must consider:

  • Implement a complete Security Protection protocol: to eliminate any potential security gaps, SMEs should
    • Train its workforce against three main threat vectors: phishing, malware and data leakage;
    • Adopt IT solutions that completely protect from imminent threats across every platform, including mobile devices, cloud email, and collaboration apps.
  • Adopt a “Prevention First Strategy”: one of the most effective ways to avoid financially devastating data breach requires SMEs to
    • Implement real-time threat intelligence, emulating scenarios to quickly determine if a file or link has already been deemed malicious;
    • Leverage AI-based threat prevention technology, vetting risky documents and messages using the power of data science, which can analyse millions of parameters like no human being can.

Aussie SMEs have been incredibly tenacious in seeking ways to continue operating and we hope that these recommendations will help them continue driving our economy forward.

Ian Raper, Managing Director – Australia and New Zealand, Check Point Software Technologies