While there is no 'magic bullet' in preventing cybersecurity attacks, small to medium-sized businesses (SMBs) must adopt two-factor authentication to reduce risk of cybersecurity attacks, ESET claims.
The Slovakian antivirus and authentication vendor brands SMBs the "low-hanging fruit for identity thieves", citing Verizon research which indicates that 67 per cent of breaches investigated occurred within organisations of 100 or less employees, and often independent franchises of larger firms.
"More and more we are seeing SMBs targeted by this kind of attack," ESET Asia-Pacific (APAC) director, Parvinder Walia, said. "There are a number of reasons for this."
"Firstly, unlike their larger counterparts, SMBs generally have lower budgets for cybersecurity, making them a lot easier to penetrate for today's sophisticated and often well-funded attacker. They are also less likely to have personnel whose key role is to protect that data."
"It might look like hackers have a lot less to gain from hacking small businesses, however in many cases, SMBs are in fact low-hanging fruit, offering an easier and quicker way to access a much larger pool of vendors, partners, customer and more."
Walia said the one-time passwords generated by two-factor authentication systems prove advantageous due to their unpredictability and low cost, and should therefore be the go-to for SMBs.
ESET Asia chief operating officer (COO), Lukas Raska, said, "Two-factor authentication remains of the most cost-effective options for SMBs, to protect against the loss of critical personal data that can lead to identity theft."
"The real cost of each breach is immeasurable, especially when there is loss of intellectual property, damage to the brand or disruption to the business."
But while adopting technology is critical, ESET also emphasises the old cliché: employees, partners and vendors must be aware of the relevant protocols in keeping the network secure.
This includes the appropriate use of enterprise applications and social media within the corporate network, which must remain up to date.