How to get SMBs to take their cybersecurity seriously
Barracuda is a global provider of cybersecurity solutions that make a concerted effort to analyse and understand the needs of the end-users that they are providing for.
I sat down with Barracuda APJ sales vice president James Forbes-May to discuss how Kiwi partners can begin to bridge the growing security gap with SMBs in New Zealand.
One thing that stands out from our discussion is that when it comes to security, technology is not the only answer.
“The threats are everywhere and so much of it is down to the education of the partner,” Forbes-Mays says.
“We call it creating a human firewall - the users are the biggest threat to any organisation. ‘Click this link. Here’s this purchase order you were expecting.’ Sometimes people are in a rush and it just happens.”
That is why Barracuda is providing training sessions for partners and perhaps, down the line, end-users on how to keep themselves safe from phishing.
When the discussion turns to ways that partners can engage SMBs who may be more reticent when it comes to security, Forbes-May’s frustration clearly comes through.
“It always comes down to how important the SMB thinks their data is,” he says.
“From my history with data protection - for years everyone knows they should have a DR (disaster recovery) policy - what’s the point in backing up your data if you don’t actually try and recover it?
"The smart companies were doing an annual, or every six months DR test. A lot of companies knew they needed to do it, but they didn’t. It’s the strategy of ‘cross the fingers and if we ever need it let’s hope it works’, which is not the best policy.
“I think that comes back to changing times and now companies are starting to realise that customer data is incredibly valuable and we’ve got to protect it.”
Of course, this frustration is somewhat understandable when you consider that across A/NZ over AU$10 million was paid out to ransomers over the last year.
Ironically, as he rails against the issues that face partners when trying to bring proper security measures to SMBs, he gives great advice on how to explain the nature of security to end-users.
‘It is difficult. The challenge is that if the mentality is ‘it’s not going to happen to me’ you can’t force somebody. It comes down to their choice - can they survive if they were to get breached or ransomware-d? Can their business survive? Or can they just afford the US$10k or $500k to get their systems unlocked?
“Once you do it once, they will come back again. That’s something we do see. Once they’ve been hit once, the likelihood of them being a target again increases exponentially. So if they don’t learn from that there isn’t really anything anyone can do.”
Current partners or those seeking to become a partner can reach out to Exclusive Networks to learn more.