Connect with us

Politics

How to Develop a Cybersecurity Strategy for Your Online Business – ReadWrite

Published

on

Hasan Saleem


Since the onset of the COVID-19 pandemic, and with the subsequent shift to work and life online, cybercrime has been booming, forming a serious threat to the digital security of businesses. 

According to a recent cybersecurity report, cyberattacks are the fastest-growing crime segment in the United States. For 2022, experts predict $6 trillion in global losses – almost 60 times higher than in 2015.  

How to Develop a Cybersecurity Strategy for Your Online Business   

Consequently, cybersecurity has become more important than ever across the board – whether in education or investment banking. The same is true for your online business. 

However, to sustainably and effectively implement cybersecurity measures, you need a strategy – no matter whether you are a solo freelancer or run a virtual team. 

To help you, here is an actionable step-by-step guide for developing a cybersecurity strategy for your online business.  

1 – Understand the Risks and Raise Awareness in your Team

To begin with, you need to educate yourself on cybersecurity challenges in your industry. 

Freelancers or small core teams run many online businesses, and digital safety is often an afterthought. After all – only cyberattacks on large corporations end up in the news. Small businesses, it seems, are not attractive targets.  

This is simply untrue. Out of 2020’s successful data breaches, 28% – almost a third! – affected small businesses, according to Verizon.

Similarly, CNBC reports that 43% of cyberattacks target small businesses. Moreover, the consequences of a breach can be devastating. On average, they cost businesses $200,000. Unsurprisingly, 60% of small businesses that suffered breaches find themselves unable to cope and go out of business within 6 months. 

From the attacker’s point of view, targeting these businesses makes sense. While less lucrative than larger victims, they’re often low-hanging fruit. Breaching a small online business or a single freelancer and siphoning off all their clients – data is often trivial.

In creating your cybersecurity strategy, you need to be aware of these facts. More importantly, you also need to raise awareness of cybersecurity issues in your team. This includes other freelancers you might work with. 

The world’s best cybersecurity strategy will fail to protect your business if your team won’t follow it – or if a less careful partner of yours is breached. 

In fact, the World Economic Forum calls the lack of cybersecurity expertise and awareness in teams one of the top digital safety challenges for businesses in 2021. 

For all these reasons, the first step in developing your cybersecurity strategy is researching current digital threats, both in general and especially those prevalent in your industry. Once you have a grounded idea of what you are facing, you can start work to secure your business.

2 – Take Stock of Your Current Setup, Data, and Digital Security  

To develop your strategy, you need to assess your current virtual business setup. This includes 4 major components: people, hardware, software, and data. 

First, you need to verify who has access to what accounts, tools, and platforms. Even for freelancers, this might not be as simple a question to answer as you may believe. Consider, for instance, the web designer who built your site, collaborating creatives on any of your cloud drives, or apps you’ve given permission

Even something as simple as your family members using your devices can be a security risk in the long run. At this stage, also verify whether the people who can access your assets have themselves shared the credentials with anyone else. 

Second, create an IT inventory. Besides computers, tablets and phones, this includes routers and external storage devices. Perform a network scan of your home and office network to see if you actually recognize all the devices that are connected. Also, check and list the technical specs and operating system (OS) versions of each device. The older the device and OS, the more vulnerable they generally are.  

Third, compile a list of all the software solutions you use for your business, whether they are local apps, SaaS cloud solutions or plugins. Get an overview of the account, billing information, and access the information you use for each. For locally installed software, also note the version you are currently running. 

Finally, you will need an inventory of all the data your business handles – and where that data is stored. Note which local drives, external drives, and online storage solutions you have. When doing this, be sure to highlight which data is particularly sensitive and needs to be prioritized in terms of digital security. For example, client payment information and account credentials are in this category.

3 – Protect Your Virtual Assets

As a next step, address the weak points in your current setup to protect your virtual assets. 

To start with, evaluate and strengthen the passwords identified in the previous step and define who gets access to what. 

This might seem menial, but weak passwords and account sharing have brought even large enterprises low.

Also, change all default credentials on your accounts and devices. Especially when it comes to your routers, there are several precautions you can take to increase security, from changing the network name and admin credentials to disabling WPS and Remote Access. 

If you don’t have one yet, get a reputable password manager. This is invaluable in keeping track of all your passwords – and generating secure ones when you open a new account. 

Secure your password resets, too: Set up customer service pins if you can, and don’t use real information for security questions. Where possible, enable two-factor authentication (2FA) or multi-factor authentication (MFA). 

Next, go through all your devices, update the operating systems, and enable encryption and theft protection features. Updating your devices regularly is an essential element of maintaining your digital safety. The majority of technical data breaches don’t exploit new vulnerabilities, but developers have already fixed known ones. To benefit from these fixes, though, users need to actually install updates and patches

In terms of network security, get a high-quality VPN if you ever use anybody else’s or even public Wi-Fi. A more reliable (but also more expensive) alternative would be to get a mobile router.

Finally, also to think about digital security training – both for yourself and your team members. At the very least, make a cybersecurity briefing part of the onboarding procedure for new team members and freelancers.  

4 – Detect Threats, Invest in Digital Security Solutions 

Once you have put measures in place to protect your assets as well as possible, move on to installing safeguards that detect incoming threats. 

Most obviously, you need to have antivirus software installed. Given the potential cost of a cyber breach, consider investing in a paid plan by a reputable, well-established antivirus provider (see: techradar dotcom — best antivirus). Examples include Bitdefender, Norton, or Kaspersky. Make sure to stick to a fixed schedule for installing updates on your antivirus and perform scans regularly. 

When comparing solutions, comprehensive options have advantages over combining stand-alone services by different providers. Many vendors offer bundles that are simple to set up, yet combine VPNs, encryption solutions, backups, and various kinds of real-time protection. 

Going even further, some services such as Aura provide all-encompassing digital security solutions that go beyond your system. They combine technical aspects like Wi-Fi protection, VPN, and antivirus with credit monitoring, reputation monitoring, and identity theft insurance. 

5 – Set up a Response Plan to Round off Your Cybersecurity Strategy 

The final part of your strategy to protect yourself from breaches is setting up a plan for how to respond to them. 

Clearly define a procedure for worst-case scenarios, such as identity theft, a successful phish, or a ransomware attack. Layout all the steps you would have to take in each case – from wiping affected devices to requesting credit freezes. 

Also, keep a list of those who need to be notified if your business is compromised, and who could help you if a breach does happen. 

Having this information at your fingertips is invaluable if worse comes to worst. Responding swiftly to a suspected breach is critical to minimize the damage to your business and reputation. 

The Bottom Line 

Setting up a cybersecurity strategy to protect your online business is essential to operating in the virtual sphere in 2021. The cost of a data breach in your business is potentially devastating both in terms of reputation and finances. 

By following the steps outlined in this article, you’ll be able to develop an actionable strategy to minimize the risk of breaches. And to swiftly respond in case they do happen. Ultimately, this will help you operate more safely. And you’ll be able to rest assured that both your own and your client’s data is as secure as it can be. 

Hasan Saleem

Internet Entrepreneur and Digital Marketing Consultant.

Hasan is a seasoned web professional with an extensive record of successfully directing search and social media marketing operations to drive business development. Special expertise in eCommerce, new business startups, and online marketing.

Politics

Fintech Kennek raises $12.5M seed round to digitize lending

Published

on

Google eyed for $2 billion Anthropic deal after major Amazon play


London-based fintech startup Kennek has raised $12.5 million in seed funding to expand its lending operating system.

According to an Oct. 10 tech.eu report, the round was led by HV Capital and included participation from Dutch Founders Fund, AlbionVC, FFVC, Plug & Play Ventures, and Syndicate One. Kennek offers software-as-a-service tools to help non-bank lenders streamline their operations using open banking, open finance, and payments.

The platform aims to automate time-consuming manual tasks and consolidate fragmented data to simplify lending. Xavier De Pauw, founder of Kennek said:

“Until kennek, lenders had to devote countless hours to menial operational tasks and deal with jumbled and hard-coded data – which makes every other part of lending a headache. As former lenders ourselves, we lived and breathed these frustrations, and built kennek to make them a thing of the past.”

The company said the latest funding round was oversubscribed and closed quickly despite the challenging fundraising environment. The new capital will be used to expand Kennek’s engineering team and strengthen its market position in the UK while exploring expansion into other European markets. Barbod Namini, Partner at lead investor HV Capital, commented on the investment:

“Kennek has developed an ambitious and genuinely unique proposition which we think can be the foundation of the entire alternative lending space. […] It is a complicated market and a solution that brings together all information and stakeholders onto a single platform is highly compelling for both lenders & the ecosystem as a whole.”

The fintech lending space has grown rapidly in recent years, but many lenders still rely on legacy systems and manual processes that limit efficiency and scalability. Kennek aims to leverage open banking and data integration to provide lenders with a more streamlined, automated lending experience.

The seed funding will allow the London-based startup to continue developing its platform and expanding its team to meet demand from non-bank lenders looking to digitize operations. Kennek’s focus on the UK and Europe also comes amid rising adoption of open banking and open finance in the regions.

Featured Image Credit: Photo from Kennek.io; Thank you!

Radek Zielinski

Radek Zielinski is an experienced technology and financial journalist with a passion for cybersecurity and futurology.

Continue Reading

Politics

Fortune 500’s race for generative AI breakthroughs

Published

on

Deanna Ritchie


As excitement around generative AI grows, Fortune 500 companies, including Goldman Sachs, are carefully examining the possible applications of this technology. A recent survey of U.S. executives indicated that 60% believe generative AI will substantially impact their businesses in the long term. However, they anticipate a one to two-year timeframe before implementing their initial solutions. This optimism stems from the potential of generative AI to revolutionize various aspects of businesses, from enhancing customer experiences to optimizing internal processes. In the short term, companies will likely focus on pilot projects and experimentation, gradually integrating generative AI into their operations as they witness its positive influence on efficiency and profitability.

Goldman Sachs’ Cautious Approach to Implementing Generative AI

In a recent interview, Goldman Sachs CIO Marco Argenti revealed that the firm has not yet implemented any generative AI use cases. Instead, the company focuses on experimentation and setting high standards before adopting the technology. Argenti recognized the desire for outcomes in areas like developer and operational efficiency but emphasized ensuring precision before putting experimental AI use cases into production.

According to Argenti, striking the right balance between driving innovation and maintaining accuracy is crucial for successfully integrating generative AI within the firm. Goldman Sachs intends to continue exploring this emerging technology’s potential benefits and applications while diligently assessing risks to ensure it meets the company’s stringent quality standards.

One possible application for Goldman Sachs is in software development, where the company has observed a 20-40% productivity increase during its trials. The goal is for 1,000 developers to utilize generative AI tools by year’s end. However, Argenti emphasized that a well-defined expectation of return on investment is necessary before fully integrating generative AI into production.

To achieve this, the company plans to implement a systematic and strategic approach to adopting generative AI, ensuring that it complements and enhances the skills of its developers. Additionally, Goldman Sachs intends to evaluate the long-term impact of generative AI on their software development processes and the overall quality of the applications being developed.

Goldman Sachs’ approach to AI implementation goes beyond merely executing models. The firm has created a platform encompassing technical, legal, and compliance assessments to filter out improper content and keep track of all interactions. This comprehensive system ensures seamless integration of artificial intelligence in operations while adhering to regulatory standards and maintaining client confidentiality. Moreover, the platform continuously improves and adapts its algorithms, allowing Goldman Sachs to stay at the forefront of technology and offer its clients the most efficient and secure services.

Featured Image Credit: Photo by Google DeepMind; Pexels; Thank you!

Deanna Ritchie

Managing Editor at ReadWrite

Deanna is the Managing Editor at ReadWrite. Previously she worked as the Editor in Chief for Startup Grind and has over 20+ years of experience in content management and content development.

Continue Reading

Politics

UK seizes web3 opportunity simplifying crypto regulations

Published

on

Deanna Ritchie


As Web3 companies increasingly consider leaving the United States due to regulatory ambiguity, the United Kingdom must simplify its cryptocurrency regulations to attract these businesses. The conservative think tank Policy Exchange recently released a report detailing ten suggestions for improving Web3 regulation in the country. Among the recommendations are reducing liability for token holders in decentralized autonomous organizations (DAOs) and encouraging the Financial Conduct Authority (FCA) to adopt alternative Know Your Customer (KYC) methodologies, such as digital identities and blockchain analytics tools. These suggestions aim to position the UK as a hub for Web3 innovation and attract blockchain-based businesses looking for a more conducive regulatory environment.

Streamlining Cryptocurrency Regulations for Innovation

To make it easier for emerging Web3 companies to navigate existing legal frameworks and contribute to the UK’s digital economy growth, the government must streamline cryptocurrency regulations and adopt forward-looking approaches. By making the regulatory landscape clear and straightforward, the UK can create an environment that fosters innovation, growth, and competitiveness in the global fintech industry.

The Policy Exchange report also recommends not weakening self-hosted wallets or treating proof-of-stake (PoS) services as financial services. This approach aims to protect the fundamental principles of decentralization and user autonomy while strongly emphasizing security and regulatory compliance. By doing so, the UK can nurture an environment that encourages innovation and the continued growth of blockchain technology.

Despite recent strict measures by UK authorities, such as His Majesty’s Treasury and the FCA, toward the digital assets sector, the proposed changes in the Policy Exchange report strive to make the UK a more attractive location for Web3 enterprises. By adopting these suggestions, the UK can demonstrate its commitment to fostering innovation in the rapidly evolving blockchain and cryptocurrency industries while ensuring a robust and transparent regulatory environment.

The ongoing uncertainty surrounding cryptocurrency regulations in various countries has prompted Web3 companies to explore alternative jurisdictions with more precise legal frameworks. As the United States grapples with regulatory ambiguity, the United Kingdom can position itself as a hub for Web3 innovation by simplifying and streamlining its cryptocurrency regulations.

Featured Image Credit: Photo by Jonathan Borba; Pexels; Thank you!

Deanna Ritchie

Managing Editor at ReadWrite

Deanna is the Managing Editor at ReadWrite. Previously she worked as the Editor in Chief for Startup Grind and has over 20+ years of experience in content management and content development.

Continue Reading

Copyright © 2021 Seminole Press.