Just how much do you know about online security and minimising cyber risks to your business? Take the AVG (AU/NZ) Online Security Quiz and find out whether you’re properly equipped to protect your business online.
Just write your responses onto a piece of paper, and compare them with the official answers on the next page.
Q1. What are the main IT security issues that SMBs face?
a) Online or web security against malicious websites
b) Email problems including spam, phishing and malware
c) Securing data so that sensitive information isn’t accidentally or deliberately distributed
d) All of the above
Q2. Online security is just about establishing a blacklist of websites to prevent staff accessing high-risk and social media websites.
True / False
Q3. Online security is about IT security technology solutions.
True / False
Q4. The number of internet connected devices per person on earth is:
a) 1 per 10 people
b) 5 per person
c) 140 per person
Q5. My staff would never fall for online phishing attacks.
True / False
Q6. Online security is about protecting the business from:
b) Cyber criminals
c) Cyber terrorists
d) Cyber activists
e) Disgruntled staff
f) All of the above
Q7. Should your business workstations run password protected user accounts without administrator rights?
Yes / No
Q8. Online attacks annually cost SMBs:
a) Over $100 million
b) Over $500 million
c) Over $1 trillion
Q9. Online Security isn’t an issue if we use Mac workstations.
True / False
Q10. This online security stuff is just too hard!
True / False
SMB Online Security Quiz Answers
A1. d) All of these are major problems. 99 percent of malware is now delivered via the web – 90 percent from popular websites. More than 70 percent of websites with malicious code are legitimate sites that cyber criminals have infected. More than 85 percent of all email is spam, and more than 80 percent of those spam emails contain malicious links. It’s very easy for sensitive information to be accidentally shared online.
A2. False. If only it could be that easy! The bad guys know how to circumvent blacklist based protection, as 75 percent of malicious websites are active for less than one day. Thus, a blacklist can never be an up-to-date and reliable form of protection. Effective web protection solutions, like AVG LinkScanner, are able to scan websites for malicious threats in realtime. It is also important to be aware that social media sites can be an effective tool to promote your business.
A3. Both. This is a trick question, because the statement is both true and false. Good security systems and processes are extremely important, but online security is primarily about people. Indeed understanding the people is more important than understanding the technology.
A4. b) It was 1 per 10 people in 2007 and is expected to be 140 per person in 2013. That is HUGE growth in online devices. 1.6 billion people are online today. The next billion people will come online mostly from developing countries.
A5. False. The CFOs of organisations like major universities and large local councils have fallen for phishing attacks costing their respective organisations hundreds of thousands of dollars. IT security solutions alone won’t protect your business from online threats. You also need an online security policy and an education program to raise awareness so that staff can recognise threats and scams and know what to do.
A6. f) All of the above. However, today it’s mostly about cyber criminals, so b) is also an acceptable answer. The activity of cyber criminals is increasingly more sophisticated and organised. Cyber criminals are not hackers – they are more tolerant of risk, have better funding and are more interested in the goal of obtaining your money or online resources than the method of reaching that goal.
A7. Yes. But do they? Restricting administrative privileges only to users who need them, when they need them, mitigates against 90 percent of vulnerabilities. User accounts need strong passwords of at least 12 characters, yet the most common password is ‘12345’.
A8. c) Over $1 trillion. And it’s getting worse, not better. Security crisis often costs up to 30 percent of a business’s value.
A9. False. The Mac and Linux/FreeBSD operating system platforms can be compromised just as easily as the Windows platform. In 2011, we have seen a significant increase in Mac related malware. Cross-platform threats also exist, as many Microsoft Word viruses work on both PC and Mac for instance. A couple of years ago there was also the Lindose virus which could infect both Windows and Linux files. You need proper protection for every operating system platform used by your business.
A10. False. It’s not rocket science. Sometimes the most effective countermeasures are non-obvious, but nonetheless effective. At least 70 percent of the targeted cyber intrusions commonly seen in the last year could have been easily prevented if businesses had implemented basic mitigation strategies.