companies are now insisting on equal
cyber defence and data security norms
from their vendors.
This is, therefore, adding compliance
pressure among SMEs who mostly rely
on basic antivirus or basic firewalls, which
only offer a limited degree of security.
In the world today where digital adoption
has been skyrocketing, SMEs have no
option but to embrace and customize data
security measures to protect themselves
and their clients from cyber threats.
For example, the fact that it took a big
organization such as the Marriot Hotels
four years to realise that hackers had
compromised their computer systems and
had access to massive amounts of data
only points to just how most SMEs have
no idea that their stolen data is up for sale
on the dark web.
In the world today where digital adoption
has been skyrocketing, SMEs have no op-
tion but to embrace and customize data se-
curity measures to protect themselves and
their clients from cyber threats.
A wake-up call for small
businesses
Most hackers work on the notion that
small businesses do not regard their
information important and hence do
not invest seriously on cyber-security
measures. This is mostly true.
I believe that the first step is creating
understanding
throughout
the
organization that data security is very key
since ignorance and negligence among
the workers creates an entry point for
cyber hacks. Management should ensure
that the employees understand how to
perform secure transactions, which lead
to the creation of a culture that is cyber
security-centric.
Therefore, to prevent insider attacks,
organizations must insist on verification
of security levels of all devices operated by
the employees to access work information.
Organizations can also engage in regular
double backing up of files and enhanced
security code authentications.
Additionally, SMEs should also restrict
access to certain information to certain
people only. SMEs can also configure
anti-theft settings, restrict work activity to
secure devices only and regularly updating
passwords and biometrics.
Most data breaches usually go unreported
because organizations are afraid of losing
credibility as well as their clients to their
rivals. However, just like any other truth,
the fact is that it will come out. What
organizations can do is to invest in cyber
insurance, which is readily available and
steadily growing in Kenya.
Your Pains
Into Gains
People/Organizations
For we seek to understand your pains, then focus
on converting them into gains for your personal &
organizational development.
"Experts In Business Development & Consulting"
Approved
Trainer
NITA TRN 805
IHRM Certified
Trainer
C00304
We offer You
Strategy & Planning
Market Activations & Branding
Research
Even when plans are in place, it is usually
necessary to conduct live drills or exercises
periodically to ensure that everyone is
aware of their responsibilities in detecting
and responding to a security breach.
Corporate Training
Technology Consulting
Experiential Team Building
Getting Things Done
Nairobi CBD Office: Salama Hse, Mama Ngina
Street, 3rd Floor Suite 311/2, Opposite City Hall
With increased online transactions, SMEs
must put in place viable security control
plans to protect themselves and their
stakeholders against cyber-attacks to
prevent not just loss of business but also
reputation.
Head Office: SCG Business Centre, Eastern Bypass,
P.O. Box 10430 - 00200 Nairobi, Tel: 020 2655565
Cell: 0735 540 800, 0729, 157 100, 0722 575 595
Denis Mbau is Communications
Consultant working with Invest In
Africa-Kenya. You can engage him
on this or related matters via mail
at: [email protected].