Kinyarwanda version

Growth for small to medium enterprises has been highlighted as a key factor in Rwanda’s development. Sustained growth in this sector is vital for socio-economic development, and with modern business increasingly relying on digital solutions, cybersecurity has a large role to play in protecting SMEs (small and medium enterprises).

Smaller businesses are more vulnerable to cyberattacks as they do not have the resources that larger corporations do. While larger companies can afford top of the range protection solutions, smaller businesses may be fiercely contending with keeping the business running, and therefore don’t allocate adequate resources to cybersecurity.

Malicious actors use this to their advantage. According to CyberSecurity Magazine, 83% of small and medium-sized businesses are not financially prepared to recover from a cyber-attack, and 43% of all data breaches involve small and medium-sized businesses.

Prioritizing cybersecurity for your small to medium enterprise does not categorically require large spending of your business’ resources. A change of mindset, that brings along with it the adoption of key best practices, can help prevent your business from being the victim of a cyber-attack.

Cybersecurity best practices for SMEs:

1. Conduct regular training programs for your employees

Training staff well can mean your whole team is aware of the latest cybersecurity risks and able to sufficiently respond in such situations.

Seek capacity building for your employees through training applications, awareness workshops and if feasible, cybersecurity certifications.

2. Perform risk assessment

A cybersecurity risk assessment is critical for determining whether or not your business is prepared to defend against a range of cybersecurity threats.

Depending on the risk assessment framework you choose to adopt, your business will identify, analyse, evaluate, prioritize, treat and monitor risk, so that you are aware of potential treats and the processes for your business to respond.

3. Deploy antivirus software

Ensure work computers have antivirus or endpoint protection software installed and that automatic updates are enabled.

The anti-virus will allow your team to scan all email attachments and downloaded software, to prevent running malicious content on your device.

4. Keep software updated

With all the devices you use within your business, applying software updates will help to fix newly discovered bugs and security holes that could leave them vulnerable targets to malicious actors. Ensure software updates are applied as immediately as they become available.

5. Backup your files regularly

Regular backups mean you have additional copies of your data outside of your business network. In the case of a breach, these backups can offer a solution towards company data that has been lost or made inaccessible by malicious actors.