How to Protect Your Business from Top 5 Cyber Risks – Overview

On March 17th, 2022, AmCham hosted its first event of  the “Cyber Security Series”. An audience of 60 attendees was hosted by the Board Members Georgi Ganev, IBM Bulgaria, and Simeon Stoychev, VP Operations, Progress. The webinar was co-organized with the support of the Bulgarian Small and Medium Enterprises Promotion Agency (BSMEPA).  Petar T. Ivanov, CEO, AmCham Bulgaria and Boyko Takov, Executive Director, BSMEPA welcomed the participants

The presenters shared their experience and best practices on how to manage personal and corporate cyber security risks. They outlined the top-5 cyber security risks: 1) Lack of information; 2) Phishing; 3) Malware and Ransomware; 4) Data protection and 5) Data storage.

Risks Before SMEs

It was pointed out that 60% of SMEs that are targets of cyber attacks, go bankrupt within 6 months after the attack. The British government’s data shows that 38% of SMEs have found security breaches in 2021; 82% have faced phishing attacks, 25% – identity theft known as impersonation , 13% – malware /ransomware, and 27% of them have had at least 1 cyber-attack per week.

How to protect business and ourselves?

Georgi and Simeon outlined several essential elements of cyber security protocols and culture valid for  any organization. After assessing and evaluating the risks (probability and weight of each of the identified risks), security policies should be established. Those should be communicated to employees, who  need to be trained to recognize cyber security threats and attacks.

Users’ access to any of the systems should be both secure and “user friendly”. SSO is a good example how to achieve security and comfort altogether.

For the last five years, multifactor identification is among the keys to reduce cyber threat exposure. An analysis of Microsoft shows that multifactor identification reduces successful attacks with 99.9%

An organization should have a track record of logs – who, when, from where a user is using the system or goes into the organization’s accounts.

A good piece of advice is not to keep data that is not necessary for the business. Such stray data becomes a “prize” for the hackers and can cause additional damage.

Patches and prioritization are an additional way to protect our data and systems. – It’s advisable to prioritize the protection of  a company’s publicly available resources over the internal ones.

Definitely, following the best practices of golden standards will make hackers’ life harder. The more efforts and resources they should invest to breach an organization’s security , the less reward and satisfaction they would  get.

In brief, cyber security hygiene is crucial for any organization.


Download the presentation

Watch the full session in video