Topic - Weekly World View - Cybersecurity for SMB
pdf
keyboard_arrow_up
School
Phoenix College *
*We aren’t endorsed by this school
Course
270
Subject
Information Systems
Date
Jan 9, 2024
Type
Pages
11
Uploaded by MinisterOstrich3448
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
1/11
This is a graded discussion: 10 points possible
due Sep 24, 2023
Weekly World View : Cybersecurity for SMB
27
Read and review the following article : https://www.information-age.com/five-tech-capabilities-
shape-your-smb-website-security-strategy-123494561/
(https://www.information-
age.com/five-tech-capabilities-shape-your-smb-website-security-strategy-123494561/)
After reading the article above provide your discussion feedback to the below question. As the cybersecurity consultant, what are two recommendations you would make to a Small
Business Owner about Cyber Threats and how to protect themselves? Be specific and justify
your recommendations.
Search entries or author
Unread
Subscribed
(https://
Maria Pina (https://learn.maricopa.edu/courses/1298288/users/4291833)
Sep 18, 2023
1 - I would begin by informing the business owner that web security is essential for all cloud-
based systems, and that no business is too small or "unimportant", and explain threats are
always looming - it's a matter of "when", not "if". I would explain the possibility of not only
losing revenue, but also data, proprietary information, and even company reputation.
Additionally, I'd point out that feedback and registration forms are popular targets for attacks.
The most important thing would be to confirm that their technology is updated, protected by
firewall and with the latest patches for known vulnerabilities. If information is collected, I would
automate TLS/SSL certificates on their website so it's authenticated and verified. 2 - I would back their system and ensure that their system has the latest antivirus and malware
detection system.
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
2/11
(https://
Micah Galvan (https://learn.maricopa.edu/courses/1298288/users/3941514)
Sep 19, 2023
The two recommendations I would make to a Small Business Owner about Cyber Threats are
keeping your technology updated and performing backups. For keeping technology updated, it
is crucial that the technological infrastructure you choose for your website is routinely patched
and updated to identify vulnerabilities and stop hackers from exploiting them. The core site
version and any extensions must be continuously updated with the most recent revision. Pay
close attention to online components that require user input, like forms for registration, as
these are frequent targets for cyberattacks. For backups, backups are your insurance
coverage and the foundation of your recovery strategy if your website is the target of a cyber
assault. Gain the assurance that, in the event that your website becomes unexpectedly offline,
you will be able to swiftly return it to the proper state with all of its data intact. Any connected
organization needs efficient backup and restore technologies in order to swiftly recover lost
information.
(http
Maria Pina (https://learn.maricopa.edu/courses/1298288/users/4291833)
Sep 28, 2023
It was so hard to just choose two recommendations!
(https://
Swar Bay (https://learn.maricopa.edu/courses/1298288/users/4267653)
Sep 19, 2023
The two recommendations I would make to SMBs are keep malware detection software up to
date and perform regular back ups. Even small businesses can become a target of cyber
attacks. Having an up-to-date malware detection software can help deter most of the threats.
Large scale cyber attacks begins with these small threats and malware detection/removal
software can quickly patch those vulnerabilities. However, SMBs will inevitably be subject to a
more advanced attack that isn't detectable by the malware software. To prepare for this case,
SMBs should perform regular backups. Although SMBs might lose some assets, they will be
able to recover from a restored backup data. It is much better to minimize the loss and have a
point to restore from than to lose everything and start again from scratch. (https://
Noah Gavina (https://learn.maricopa.edu/courses/1298288/users/3991326)
Sep 20, 2023
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
3/11
I would say the two recommendations I would give are perform backups to insure that there is
something to fall back onto if data is lost and keep up to date with tech.
To me backups are the most important thing as with them one can be sure no and/or little data
is lost whether it be from an attack or even from something like tech issues. Backups are
important to me personally even in personal things to be sure I do not lose anything that I
would like to keep, which is why I would recommend to make backups the most.
As for updates, they are also just as important as older technology can be more vulnerable
than up to date technology. Often with something like Microsoft Windows, the most common
reason I notice Windows devices update for seems to be to address potential security issues
that may have been noticed or could possibly be exploited.
(https://
Jonathan Rose (https://learn.maricopa.edu/courses/1298288/users/4173894)
Sep 21, 2023
I would say that the first recommendation I would make is to stay up to date with all your tech.
This is probably one of the most simple and logical recommendations but also one of the most
vital and probably overlooked. It is easy to procrastinate or let other tasks triumph over this but
some attacks such as script kiddies can simply be prevented by doing simple things. My
second recommendation would be to do regular backups of all you're data. This is especially
important because if all you're security features in place fail and you're entire system is
compromised you can have some sort of insurance that all you're information isn't lost and
whenever you do get back up and running you can restore it to it's proper state.
(https://
Luis Iglesias (https://learn.maricopa.edu/courses/1298288/users/638135)
Sep 21, 2023
There are many ways to strengthen your Security. Based on my understanding, the first action
I would take is to update software & hardware. Ensure all are updated to the latest version and
never use any pirated software, apps downloaded from unknown sources, or software that
doesn’t receive updates. Updates enhance features and patch security flaws that fix bug
issues and enhance performance for devices. Next, I would enable two or multi-factor
authentication to prevent cyber-attacks. Software & user accounts are sometimes unsafe
password login and can be easily compromised. Multi-factor authentication helps ensure that
unauthorized people don’t get access to your system.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
4/11
(https://
Nick Carrieri (https://learn.maricopa.edu/courses/1298288/users/4420208)
Sep 22, 2023
Small business owners would probably benefit from making sure to keep their hardware up to
date. Programs, drivers, BIOS and firmware all need to be updated regularly. Zero-day
exploits are insanely common. This also has a benefit of keeping everything running smoothly.
Education would be my other recommendation. Showing your workers what to look for in
scam emails or social engineering is a smart move as it can prevent a headache down the
line.
(http
Maria Pina (https://learn.maricopa.edu/courses/1298288/users/4291833)
Sep 28, 2023
Education is a great recommendation. I think many SMB think IT/Cybersecurity just too
difficult to understand. :(
(https://
Katherine Moore (https://learn.maricopa.edu/courses/1298288/users/4424216)
Sep 22, 2023
I think the initial step is to establish the importance of cybersecurity to the small business
owner (create buy-in) prior to offering any sort of recommendations. I would probably do this
by establishing what is important to their business (whether this be their online presence or the
data the business generates) and use that as a starting point to incorporate the importance of
cybersecurity. Without knowing specifically what the business needs are, it’s near impossible
to provide detailed recommendations, but universally, I would say the most important
cybersecurity goal is protecting sensitive data, mainly personal information about customers
and/or employees. Failure to protect this data could result in legal action against the business.
My first recommendation would be about internal threats and employee education. It’s
important to remember that internal threats can be the biggest threat to an organization’s data,
and small businesses are less likely to have detailed security policies to protect against
internal threats. It’s important to have physical security in place to protect from tampering as
well as utilizing a principle of least privilege for data access.
My second recommendation would be to look at specialized software to handle business
needs. For a company that requires web hosting and data storage, I would look at cloud
technologies (AWS, Microsoft Azure, and Google Cloud Platform being the big 3). Using these
technologies makes use of the security technologies that these companies implement and
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
5/11
removes a lot of the required upkeep. The initial migration to a cloud service can be daunting,
but once implemented, the management of the systems can be completely automated. At the
very least, customer and employee data needs to be encrypted, and credit card transactions
need to be handled by a reputable payment processing system. This software then needs to
be kept up-to-date, preferably with automatic updates.
(https://
Penelope Vicuna (https://learn.maricopa.edu/courses/1298288/users/3813555)
Sep 22, 2023
As a cybersecurity consultant, two recommendations I would make to a Small Business Owner
about Cyber Threats on how to protect themselves would be to have an incident response plan
and to conduct regular testing. By being proactive about your response if and probably when a
cyber attack occurs, you can minimize the damage you have to control. You should have
backups in order to ensure that when a cyber attack occurs, you have the most recent version
available to restore. The second part would be to regularly test the plan through simulations
and drills in order to identify weaknesses. This would help refine the response process,
effectively reducing downtime, limiting data exposure and demonstrating to the world that you
can handle threats well, meaning that you save face and earn credibility to your reputation.
Because version control and because reputation are important, for these reasons I
recommend being proactive by having an incident response plan, including backups, and to
conduct regular testing on the website. (http
Micah Mcclellan (https://learn.maricopa.edu/courses/1298288/users/3946822)
Sep 24, 2023
I like that would recommend for them to have an incident response plan. It isn't so much
as "if" a company will get hacked and more of a matter of "when", so it is important to be
prepared. I've noticed that small companies often either don't have the resources or do not
understand the importance of a cybersecurity budget, so I think it would be a great
recommendation for them to conduct regular testing because that at least gets it on their
radar of importance.
(https://
Micah Mcclellan (https://learn.maricopa.edu/courses/1298288/users/3946822)
Sep 24, 2023
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
6/11
The first recommendation that I would make to a small business owner regarding how to
protect themselves from cyber threats is to always have backups of their data. It doesn't matter
if no one is interested in hacking their business, because they can still lose their data if a
power surge happens or if their underpaid/under qualified IT admin makes a mistake with the
server configuration and loses their data. The next recommendation that I would make is to develop a security-first culture in the
workplace to protect themselves against phishing attacks. Have mandatory training when
onboarding and monthly reminders for employees to be cautious and careful with their online
presence. (http
Macy Lane (https://learn.maricopa.edu/courses/1298288/users/3942946)
Sep 24, 2023
I agree with you that backing up your data is important no matter how small or big. I like
your second recommendation as well because phishing attacks are more common than
they actually seem especially in small businesses. Nice job on your post! (https://
Victoria Martinez (https://learn.maricopa.edu/courses/1298288/users/4145115)
Sep 24, 2023
It's definitely interesting to even think that small to medium businesses (SMB) are exposed to
such threats. However, the article goes into detail, discussing various ways the business can
be proactive and have their security needs met. My first recommendation as a cybersecurity
consultant would be to proactively detect malware and vulnerabilities. Being that computers
are vulnerable, to begin with, it is beneficial to use an automated vulnerability scanner that will
continuously scan for vulnerabilities on your website. As the article mentioned there may be
"malicious code working silently in the background without owner knowledge or causing any
visible malfunction." A second recommendation would be to perform backups regularly. In all
honestly, backups are essential for everyone regardless of what type of devices you use in
your day-to-day life. In this instance as an owner of SMB, it is an insurance policy that will get
you back on track if undergoing any sort of cyber attack by allowing you to restore lost
information quickly. (https://
Tyler Campos (https://learn.maricopa.edu/courses/1298288/users/3577189)
Sep 24, 2023
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
7/11
One recommendation would be to invest in multiple levels of security in order to maximize the
chances of keeping threats out. Purchasing an anti-virus software allows you to be protected
from viruses and malware while working online. This is just one level of security; however, by
adding a locked closet for your hardware, adding an access control list, key cards, cameras,
and data backups you can greatly increase your chances of keeping intruders out. No matter
the security, sometimes intrusions occur and data backups are instrumental in restoring
corrupt data or software. There are many different forms of security and choosing them should
be based on the size, industry, environment, software needs, hardware needs, and other
factors that a company uses. Another recommendation would be to engage in user training as often as necessary. The
hardest problem in keeping a system secure is keeping the system secure with your
employees. If you have employees who are not trained in security awareness, then they can
cripple your company from the inside without knowing. For example
(https://www.ktnv.com/news/mgm-says-hotel-reservations-back-online-as-company-deals-with-
cyber-attack-
aftermath#:~:text=According%20to%20VX%2DUnderground%2C%20the,13%20in%20a%20previou
s%20interview.) , just this month the MGM was hacked using social engineering and a phone
call. A hacker group called in pretending to someone at MGM that was currently locked out.
The help desk person obliged and gave them access within the company. Supposedly within
ten minutes they were in the backdoor of MGM servers. Frequent security training and
standard security protocols with all of your employees can help prevent this things from
happening. (http
Ryker Wellnitz (https://learn.maricopa.edu/courses/1298288/users/4124160)
Sep 24, 2023
I really like that you used a recent example to back up your point. It's pretty crazy that
someone can gain access to the entire system of a massive company like MGM through a
simple phone call. While I didn't mention employee training in my two points I probably
should have - they can be the biggest weak points in security.
(https://
Georgi Nikolov (https://learn.maricopa.edu/courses/1298288/users/3674914)
Sep 24, 2023
They can secure their networks and databases, and educate their employees. First thing to do
is to set up firewalls and encrypt information which will help minimize the of risk gaining access
to confidential information by hackers. Employees should secure and protect information about
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
8/11
the customers and the company, and there should be a limited number of users with
administrative access. (https://
Macy Lane (https://learn.maricopa.edu/courses/1298288/users/3942946)
Sep 24, 2023
One specific I noticed in occurrence with Cybersecurity for SMB would be to detect any
unknown vulnerabilities and malicious activity right before it even starts. According to
Information Age (2021), using an automated vulnerability scanner will actually help detect any
sort of malfunction before it even happens. In accordance to that, they will be able to detect it
quicker before it poses a greater threat. Another great way the business can protect
themselves would be through Multi-Factor Authentication. It provides small business owners
with multiple layers of protection, which means the individual trying to access it will need to go
through more than one layer of authentication in order to gain entry to what they need. Cyber
threats have been ongoing especially in the world of small businesses and these are just
serval measures that can be taken to ensure another level of security. Many organizations
experience some sort of data breach and approximately 40% are counters of attack each
month. It's important to consider having a mindset that it "can" and "will" happen to anyone.
Many businesses don't realize that it can and will happen to them when they least expect it.
Thats why it's important to take the security of your website seriously to deter from any known
cyber criminal activity. Information Age, 2021. Five Tech Capabilities to Shape Your SME Website Security Strategy.
https://www.information-age.com/five-tech-capabilities-shape-your-smb-website-
security-strategy-17823/
(https://www.information-age.com/five-tech-capabilities-shape-
your-smb-website-security-strategy-17823/)
(https://
Kaiden Mee (https://learn.maricopa.edu/courses/1298288/users/4035900)
Sep 24, 2023
The first thing I would recommend is training the employees to prevent cyber threats from
happening. Setting up security training courses for them to learn and practice would be great
because it can help them prepare for what kind of threats they will have to face and to be
aware what they're up against. It is also good that they learn policies so that they know how to
act and not violate them.
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
9/11
The second recommendation I have is to set up a good firewall to protect the company's
network. This will help lower the risk of cyber attackers from getting access to the company's
important information and shielding your computer or network from any harmful network
traffic. (http
Anna Ranjbar (https://learn.maricopa.edu/courses/1298288/users/3927421)
Sep 24, 2023
Yes i agree that training employees to which they understand in order to prevent cyber
threats from happening. You also made a good point that firewalls can be set up to protect
the companies networks. (https://
Anna Ranjbar (https://learn.maricopa.edu/courses/1298288/users/3927421)
Sep 24, 2023
There are multiple steps to take in order to protect a company from hackers or any sort of
cyber attacks. One of the most important ways to prevent any sort of cyber attacks would be
performing and updating your software. Cyber criminals can target and latch on to those
vulnerabilities easily specially for small businesses. The second way is to train employees on
how to prevent any phishing attacks or clicking any type of malicious links sent by their
companies. Phishing attacks are the most common forms of attacks within businesses
nationwide and another form of security is companies training their employees to be aware of
any phishing emails or links being sent back and forth. (https://
Dee Hooks (https://learn.maricopa.edu/courses/1298288/users/4116379)
Sep 24, 2023
I would tell them to keep their tech updated, it would help with the latest software for protection
and keep vulnerabilities at bay. On top of that, I would tell them to tool up to uncover hidden
vulnerabilities that may be lying dormant in their software just waiting to attack and bring down
the system. What I do already is making sure backups are always up to date so in case
anything goes sour, we have a backup to retrieve everything from.
(https://
Martin Castro (https://learn.maricopa.edu/courses/1298288/users/4061844)
Sep 24, 2023
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
10/11
The two recommendations I would make for a small business owner about cyber threats is that
the first recommendation is to always keep to your tech updated with all the new technology
coming out and also with different ways to protect yourself from hacking or theft from anyone
doing this will help you. Another recommendation is to backup your info cause if a hacking
does happen you can always rely on recovering your information from a backup which is used.
(https://
Darlene Canales Gurrola (https://learn.maricopa.edu/courses/1298288/users/4179111)
Sep 24, 2023
Two recommendations I would make to a small business owner as a cybersecurity
consultant are keeping their tech updated and performing backups. Keeping the tech updated
can prevent those who want to harmfully gain access to their website. This means that the
small business owner must check for updates actively. However, there are automated CMSs
like WordPress and Magento that automatically update and save some time. Performing
backups can apply to anything in life, but in this case, it is important to have a strong backup
plan if the website goes down. An example of a backup plan is having snapshots and restore
tools. Although there are other factors to keeping a website safe, I believe keeping tech
updated and performing backups are essential to prevent cyber attacks.
(https://
tony Londono (https://learn.maricopa.edu/courses/1298288/users/3165869)
Sep 24, 2023
Weekly World View : Cybersecurity for SMB
As a Cybersecurity consultant I would advise my customers that about a third of small businesses believe they are immune
to cyber-a±acks. Because of this incorrect belief, over 40% of small business owners experience a cybera±ack every month.
Cyber-a±acks have cost many small businesses loss of revenue, customers trust, and produc²vity. I would explain to them
the various types of cybera±acks and the impact it could have on their business both short term and long term. Not only
could the business find themselves in financial troubles, depending on the type of business they could face legal
implica²ons. (informa²on age, 2021)
To protect against cybera±acks, I would share ²ps on how to make their business more secure. These ²ps would include
ensuring that all devices on the network are up to date. I would advise them to purchase an²-malware so³ware to be
proac²ve at detec²ng vulnerabili²es on the network. I would also educate the small business owner about performing
regular backups of their database and u²lize restora²on tools to help them restore their data quickly. (informa²on age,
2021)
Cita²on
1/4/24, 10:04 AM
Topic: Weekly World View : Cybersecurity for SMB
https://learn.maricopa.edu/courses/1298288/discussion_topics/7194812
11/11
Editor's choice (2021, April 1st). Five tech capabili²es to shape your SME website security strategy. Informa²on
Age. h±ps://www.informa²on-age.com/five-tech-capabili²es-shape-your-smb-website-security-strategy-123494561/
(https://
Ryker Wellnitz (https://learn.maricopa.edu/courses/1298288/users/4124160)
Sep 24, 2023
1. Create backups, frequently.
In the event of a cyber attack losing data can mean loss of revenue and productivity. Backups
can prevent this, but they are very easy to forget about or say "maybe later" to, and then it's
too late.
2. Stay current - Update your technology's hardware and software, as well as security
infrastructure.
One of the biggest points of cyber threats is hitting outdated technology not equipped to
handle a cyber-attack. Keeping everything updated can prevent an attack from ever
happening.