Cybersafety Connections September 2021 vol#34 

  • Cybersecurity for a small-to-mid-sized business client.  
  • Phishing attempt to collect banking information.  
  • Basic inexpensive cybersecurity defenses for small and big businesses.  

Cybersecurity for a small-to-mid-sized business client. 

You know I have been writing about cybersecurity for small-to-midsized businesses (SMBs) and often wondered if I knew what the implication is. This week I got a real-life example from the Non-Profit Client for whom I volunteer on the board as a Treasurer.  

Phishing attempt to collect banking information. 

The event involved getting a warning for a possible phishing attempt from a supplier portal in the process of trying to authorize payment.Could it be a bad actor piggybacking on the supplier portal? Okay, not going to let a bad actor collect banking information and gain access to the bank account details to take over the bank account or clear out the account balances. So how did I get this pop-up warning? 

Basic inexpensive cybersecurity defenses for small and big businesses 

We talk of having internal controls made up of both preventive and detective controls. At the basic level, you have preventive controls like;  

  • Strong passwords and Multi-step authentication to protect access.  
  • Limiting access to data or systems to those who need it to perform core duties.  
  • Keeping a clean machine will promote acceptable (if any) internet downloads.  
  • One inexpensive way for small and big businesses to build cyberattack defenses is to keep all systems and apps, malware protection, security updates current and automate updates.   

Having the latest software, web browser, and operating system are free, and easy and the best defense against viruses, malware, and other online threats.  

So to conclude, we need third-party due diligence in place. The risk assessment is ongoing.  

Subscribe to get the latest post.