Your Riskiest Year

Your Riskiest Year


You have a brilliant idea, a solid team to work on it and a seemingly endless supply of coffee to see you through long days and nights. You are a startup. And like the 388 million entrepreneurs globally who were starting or running a new business, you have come to realise that a business is at its most vulnerable when it’s starting out.

In today’s digital economy, cybercriminals are stealing whatever information they can from businesses. In fact, the largest growth area for targeted attacks last year was businesses with fewer than 250 employees; 31% of all attacks targeted them in 2012, a threefold increase from 2011.

Risky business

As soon as a new business is formed, creating an online presence is of immediate importance. However, many new websites are designed without considering security in detail. We’re also seeing an alarming trend where the small business is just a stepping-stone to infiltrate bigger corporate targets.

Related: Who’s Hacking Your Data?

The first year

Cybercriminals are quick to capitalise on new businesses, and once the Web domain is set up, attacks begin on user accounts almost immediately. In 2012, the number of Web-based attacks increased by 30%.

In addition to these broad, general threats there are more sophisticated targeted attacks, whereby criminals identify specific individuals within an organisation and tailor their tactics accordingly, often through a well-researched spear phishing campaign.

Overall, 4 in 5 small businesses experience an IT security incident during the course of their first year.

Protecting your big idea

Start-ups should ensure that they are protected from threats and they must plan for complete information protection out of the gate.

Know what you need to protect. Start-ups should carefully consider their market segment, as well as hold candid conversations about their needs with technology providers in order to ensure that they receive the level of security appropriate for their business.

Secure your online activity. One of the best ways to safeguard your new business and your customers is by protecting your website with strong authentication and Secure Sockets Layer (SSL) certificates. Having an SSL certificate authenticates the identity of your new business, as well as enables encryption, meaning that the sensitive information exchanged via the website cannot be read by anyone other than the intended recipient.

Use anti-malware software. Today’s security solutions do more than just prevent viruses and spam; they scan files regularly for unusual changes in file size, programmes that match known malware, suspicious email attachments and other warning signs. New viruses, worms, Trojan horses and other malware are created daily, and variations of them can slip by software that is not current.

Harness the cloud. With cloud-hosted security, everything happens seamlessly over the Web and updates take place automatically. The cloud is also ideal for backup, protecting against damage or loss of data that is stored on-premise. It also typically requires less capital outlay than purchasing an on-premise solution, and reduces the ongoing costs of in-house management.

Recent startups are far ahead of older businesses in terms of taking advantage of the cloud with 83% of businesses that are 1 to 2 years old having made cloud security purchases in the last 24 months, and 37% planning to purchase cloud security within the next year. Among business that are 6 to10 years old, by comparison, 30% have made cloud security purchases, with just 24% planning to do so in the next year.

Find a trusted partner. Cash-strapped startups should take advantage of the growing number of managed service providers (MSPs) who deliver backup and security services. These MSPs are utilising the same cloud technology to deliver a better lower cost solution, with minimal need for employee management.

Start-ups simply cannot afford to overlook any security measures. Cybercriminals are constantly working on new attack vectors, not only zero-day threats, but also blended threats that avoid traditional detection by leveraging multiple protocols and mix-and-match vectors of attack.

Staying safe poses a challenge, where the smallest window of vulnerability could be ruthlessly exploited. Today’s start-ups can benefit greatly from comprehensive solutions that effectively block threats across email, Web and IM to keep you and your information safe from the moment you start making your brilliant idea a reality.

Related: Don’t Be Hacked…Yes We Mean You

David Ribeiro
David Ribeiro is a Partner Account Manager at Symantec South Africa. He is responsible for managing the relationship between Symantec South Africa and the managed reseller Channels. During the past years with Symantec, David has been recognized for his dedication and achievements both locally and on a global level. In addition to receiving the Small Business Team of the Year awards for EMEA in 2008, he was also named the Small Business Salesperson of EMEA for FY10.