SMEs urged to prioritise cybersecurity in management of businesses
Discussants at an MTN executive breakfast meeting have urged small and medium enterprises (SME) to prioritise issues of cybersecurity in the management of their businesses.
They said that SMEs were not exempt from cyber attacks such as electronic mails, hence the need for them to implement robust cybersecurity measures to protect their businesses from phishing, spoofing and other attacks.
The speakers included the Senior Manager, Enterprise Information Security and Governance at MTN Ghana, Jacqueline Hanson Kotei; the Chief Executive Officer (CEO) of Innovare Ghana, C.K Bruce, and the Risk and Cybersecurity Specialist of the Ghana Association of Bankers, Audrey Mnisi.
The meeting, which was held in Accra yesterday, is the latest in a series to be organised by telecommunications operator, MTN, on the theme: “Cybersecurity and the digital transformation of SMEs”.
Acknowledging the limited resources of SMEs in the country, Ms Kotei said it was for this reason such businesses needed to ensure good risk and appropriate mitigation strategies to prevent cyber attacks.
“SMEs feel they are too small to be attacked, but attackers are expanding and they will take on just any business.
“Cybersecurity has to be woven into everything we do, it has to be on top of mind for everybody to understand. Protect your business no matter the size of your organisation,” she said.
As a first precautionary measure, Ms Kotei further advised SMEs to conduct a risk assessment of their businesses to get a clearer picture of their vulnerabilities and begin processes to patch and conduct continuous monitoring of their online platforms.
She added that since SMEs dealt with third parties regularly, they needed to monitor the security practices of such parties in order not to expose their businesses to risk.
While calling for regular training of employees and customers, Ms Kotei said SMEs must also ensure cyber-hygiene by continually changing their mobile money passwords, among other measures.
Ms Mnisi also said that the COVID-19 pandemic had compelled many SMEs with limited knowledge on digitisation to operate online without orienting themselves about cyber attacks.
Aside from capacity-building, she said SMEs must also consider operating online platforms like their personal homes by constantly updating their software and securing their conversations, among others.
For his part, Mr Bruce said owners of SMEs were the first point of access for hackers, hence the need for business owners to manage their work environment efficiently.
He said for any contract with a third party, SMEs must ensure that they had the right to audit to protect their platforms from external attackers.
In a speech read on his behalf, the Director-General of the Cybersecurity Authority (CSA), Dr Albert Antwi-Boasiako, advised SMEs to invest more in cybersecurity by not only acquiring equipment, but also building their capacity in best practices through regular training sessions.
He further urged them to find cost-effective solutions to cybersecurity issues, adding “without the right expertise, identifying vulnerabilities may become a challenge”.