Monthly Archives: February 2019

Cybersecurity is a critical aspect of doing business, yet it tends to be tossed in the back burner — particularly by startups and small businesses who think they’re less of a target to hackers.

The truth is, the impact of a cyber-attack is even worse for small, ill-prepared companies.

According to statistics, 60 percent of small businesses collapse within six months following a cyber-attack.

As far as the likelihood of being targeted goes, just remember that DDoS or Distributed Denial of Service attacks are now sold on the dark web for around $25 per hour. That’s actually an incredibly low price, given that such attacks result in a double whammy of crippled sales and a stained brand reputation.

You might be surprised with the lengths dirty competitors will go to deal with threats.

In this post, we’ll discuss the strategies to prevent this scenario without breaking the bank.

Let’s begin.

1. Pick a Web Host with Robust Security
When building a website for your online business, one of the first challenges is picking a suitable host.

Although one-dollar hosting companies are highly tempting for aspiring website owners, they could spell trouble for your sustainability in the long-term.

Bear in mind that the ability to get a site up and running shouldn’t be the only item in your web hosting checklist. You also need reliable customer service, a streamlined control panel, and loads of security features to keep your website protected against online threats.

It’s not just about the bandwidth capabilities and uptime guarantees.

Below are some of the security features that you should look for when choosing a web hosting company:

Scheduled Backups and Easy Restore Points
24/7 Network Monitoring
Protection Against Malware and Viruses
Account Protection Tools
Built-In DDoS Protection
Web Application Firewall
Regular Updates to PHP, MySQL, and Other Systems

2. Get SSL
Speaking of web hosting security, some companies throw in a free SSL or Secure Sockets Layer for establishing encrypted connections between servers and users. This effectively stops digital eavesdroppers from intercepting sensitive information in transit.

Having an SSL certificate on your website also has a couple of other benefits that make it a worthy investment:
Better Conversions
If you sell products online, here’s an interesting fact:

A survey by the Baymard Institute reveals that 18 percent of customers left a website during the checkout process because of cybersecurity concerns. More specifically, they didn’t trust the website with their extremely sensitive credit card information.

Having an SSL certificate gives them reassurance in the form of a security validation. This is indicated by the closed lock icon to the left of your domain URL.

Higher Search Engine Rankings
In case you’re unaware, search engines like Google put great user experience above everything else in their ranking algorithms. This encompasses the security of users, which is why the use of SSL certificates is recognized as an important ranking signal.

If your hosting plan doesn’t come with an SSL certificate to boot, you may purchase one instead from a third-party vendor like Sectigo.

In addition to the certificate itself, Sectigo also offers a “secured seal,” which you can showcase on your website to boost the confidence of prospective customers — ideally in your home, product, and checkout pages.

3. Hire a DPO
For businesses that cater to EU residents, including those that aren’t based there, you’re probably already familiar with the GDPR or General Data Protection Regulation.

Put simply, the GDPR presents businesses a list of requirements geared for the data security of EU citizens, such as documenting the movement of data in your company, requesting for the consent of users for cookie usage, and designating a DPO or Data Protection Officer to oversee GDPR compliance, collaborate with data protection authorities, and so on.

The good news is, small businesses can now outsource a DPO from UK-based security organizations like Bulletproof — a much more cost-effective way to ensure GDPR compliance.

Of course, having a DPO in your company improves data security awareness among your staff. They’re also tasked with conducting regular security audits to deter potential breaches and review GDPR compliance.

DPOs are also responsible with the education of your data subjects — your EU-based customers — when it comes to your organization’s data privacy policies, security protocols, and their right to have their personal information deleted.

4. Use Two-Factor Authentication
While DDoS attacks can potentially, single-handedly demolish a small business, all it takes is one successful brute force attack to seal any company’s fate.

A brute force attack is when a hacker leverages a tool to generate heaps of consecutive password guesses, which will then be used to gain unauthorized access to an account.

If you let them brute-force their way into your systems, you’re basically handing them the keys to your online business.

Fortunately, you have a number of options when it comes to incapacitating these hackers.

An example is to use two-factor authentication to incorporate another verification step, typically using a one-time password sent via email or SMS.

This renders your website virtually impervious to brute force attacks.

However, implementing two-factor authentication on your website involves different steps based on your website platform. WordPress users, for example, can use a plugin like Two Factor Authentication to implement the feature without writing a single line of code.

Another way to stop brute force attacks is to limit the number of failed login attempts users can make before additional verification is required.

The usual route is to integrate CAPTCHAs as a verification step, which are designed specifically to stop bots from having any more login attempts once they’ve exceeded your limit.

5. Keep Your Software Updated
Last but not least, software vendors regularly publish patches that fix detected vulnerabilities in their product’s previous versions or expand its security features. This applies to everything, from content management systems to antivirus applications.

A good practice is to enable automatic software updates — at least in your crucial online business applications like security tools, operating systems, and so on.

By staying up-to-date with your software versions, you can improve your chances of weathering a zero-day attack. This is a type of cyber-attack wherein hackers exploit a vulnerability in an application before the developers and cybersecurity companies even find the issue.

Conclusion
For online businesses, capable cybersecurity is no longer an option in today’s world.

It’s never too early to invest in your endeavor’s protection against online threats. Remember, preventing cyber-attacks from causing damage is always more preferable than mitigating and cleaning up their effects later on.

Contributed by Zach Webber

In the disruptive age of Uber, Amazon and Airbnb, today’s consumers are accustomed to easy-access, high-quality services tailored to meet their needs. It is this experience with private sector technologies that is shaping their expectation for government service delivery.

In turn, the transforming government and citizen relationship has necessitated a radical rethink of government services. The ‘smart citizen’ demands an alteration of government service paradigms – shifting from services to focus on the experience. And it is precisely to examine this shift that the Government Experience (GX) – a new global framework for government service excellence from the UAE – is being launched at the seventh World Government Summit (WGS 2019).

Launched by the Emirates Government Service Excellence Program, the Government Services Forum will convene senior leaders from the public and private sectors to engage in a dialogue on the future of government services. Centered around the theme of ‘Powered by Experiences’, the Forum will explore multiple aspects including changing citizen expectations and their impact on government services, how governments around the world are meeting these expectations and addressing challenges in delivering exceptional service experiences, and how government services will evolve over the next 20 years.

His Excellency Mohammed Bin Taliah, Assistant Director General for Government Services Sector and Assistant Director General for Corporate Services Sector at the Prime Minister’s Office in the Ministry of Cabinet Affairs and The Future, said: “The time has come to unlock the extraordinary potential of governments to empower their people and communities. Equipped with new tools and a new mindset, leaders around the world can reimagine how they engage with and support their people. Much like the UAE, governments around the world have a renewed focus on citizen happiness. A responsive government environment offers tremendous opportunities for collaboration and participation.”

A unique platform, GX aims to unite government decision-makers, global practitioners and renowned innovators to re-examine and re-define the Government Experience for the present and the future. Across the all-encompassing initiatives that fall under the GX umbrella – the GX Services portal, GX Talks, and the GX RoundTable – the leading minds in today’s government services domain will explore and assess where the world is heading and look at the best practices that benefit the global citizen in the most impactful and positive way.

“Today, people expect the highest standards of customization, impactful personalization, quality and speed of delivery in all engagement. However, the concept of citizen-centric reform is not new. For some years there has been a greater push to align government services with the distinct needs of individual citizens and communities, made possible by the relatively affordable advances in technology and data analytics that have opened new digital channels and enabled greater customization and localism geared towards personal requirements,” Bin Taliah added.

According to Deloitte’s ‘A Government Perspective: Tech Trends 2018,’ governments are no longer looking at implementing ‘one-off IT initiatives’ in a single domain. Instead, there is today a more forward-looking approach to harnessing disruptive technologies that can work in harmony across an agency, department or multiple departments.

Boston Consultancy Group’s (BCG) 2018 insights on ‘A Blueprint for the Government of the Future’ states that we are seeing governments respond not in the traditional hierarchical and siloed way, but rather by fundamentally re-examining structure through creating priority clusters, establishing functional accelerators that build expertise in critical areas, adopting agile ways of working, using cross-functional teams and creating a streamlined, one-stop shop where people can access the services and assistance they need.

But this technology boom has implications on the skills required to replace the jobs that are being automated and made redundant. BCG recommends governments create functional accelerators that bring together talent in critical emerging areas such as big data and advanced analytics, behavioral economics, AI, and robotics.

Governments that are already experimenting with the accelerator model include the UAE and Canada. The UAE created a Ministry of Artificial Intelligence, mandated to promote AI both within and outside of government. Recently, Canada set up an Impact and Innovation Unit within the center of government to help transform the operations of the public administration. The UK and the US too have set up functional accelerators to advance their digital expertise. In the UK for instance, websites of 25 ministerial departments and 385 other agencies and public bodies have been merged into a single website, Gov.uk, which has begun offering e-services.

When redesigning the future of government service experiences, the essential pillars upholding the new paradigm remain the adoption of shared services across functions, leveraging third-party, private-sector providers to deliver some government services, and of course, stronger association not just between federal and local governments, but between public and private enterprises as well.

The Emirates Government Services Excellence Program was launched in 2011, in line with the vision of the UAE to be one of the best countries in the world by the year 2021. His Highness Sheikh Mohammed bin Rashid Al Maktoum, Vice President and Prime Minister of the UAE and Ruler of Dubai launched the program in order to raise the efficiency of government services to a seven-star level, by focusing on customer centricity and enhancing government efficiency.

The World Government Summit 2019 will run from February 10 to 12 at Madinat Jumeirah in Dubai. The landmark event is set to convene more than 4,000 participants from 140 countries, including heads of state and governments, as well as top-tier representatives of 30 international organizations.