Absolutely! Small business owners often make the mistake of thinking that cyber criminals have bigger fish to fry. They are wrong.

The Australian Cyber Security Centre found that a staggering 62% of small businesses surveyed in 2020 fell victim to cyber crime. Cyber criminals don’t care who you are or what you do; they only care about how easy it is to break into your system and how much money they can make from it.

Small and medium enterprises (SMEs) are often the low-hanging fruit for these ruthless attackers, because they tend to have less robust cyber defences than larger corporations. And the consequences can be devastating. Imagine having to fork out $40,000 or more to recover from a cyber incident, not to mention the loss of trust and reputation that could ruin your business. That’s the reality for many SMEs in Australia today. Don’t let it be yours. 
Cyber security is not a luxury; it’s a necessity for every business, no matter how small.

RSM's cyber security package offers a cost-effective way to protect your business from cyber threats. With 24x7 technical support, you can have peace of mind knowing that your data and systems are safe and secure.  
Our package allows you to:

• Identify and manage critical risks and vulnerabilities that could harm your business
• Build trust with your clients by showing them that you take cyber security seriously
• Educate your employees on how to prevent and respond to cyber incidents
• Defend against ransomware and other malicious attacks that could compromise your data

A data breach can have severe consequences for a small business, including financial losses, reputational damage, legal liabilities, and regulatory penalties. The impact will depend on factors such as your business's size, the extent of the breach, and the industry you operate in.

Some potential impacts include:

• Business disruption: A data breach can bring down your entire business, leading to financial and operational consequences. Being offline for hours or days can be costly, and the loss of data could be irreparable.
• Reputation damage: A data breach can harm your brand image and make it difficult to attract and retain customers, employees, and investors. It can erode trust and confidence, resulting in reduced sales and market share.
• Compensation costs: Affected parties, such as customers or employees, may seek legal claims and compensation for the harm caused by the breach.
• Regulatory penalties: A data breach can violate privacy laws and regulations, leading to significant penalties and compliance issues. Even small businesses must comply with privacy legislation, and the penalties for serious breaches can be substantial.

Our comprehensive cyber security package is tailored for small businesses, providing effective and affordable steps to protect your business. The assessment process includes a self-service security assessment that gives you a clear overview of your current cyber security risks and gaps. Additionally, you will receive 8 hours of expert consultation to guide you through the assessment.

Please note that this assessment is a high-level overview of your cyber security maturity and does not include full-fledged penetration testing or remediation services. We can provide more in-depth or specialized services upon request.

It's important to note that an Incident Response Plan, Disaster Recovery Plan, and Business Continuity Plan, which are crucial components of a robust cyber security strategy, can be developed separately with our assistance.

Cybersecurity implementation can be challenging for small businesses due to factors such as a lack of IT security skills, perceived high costs, and underestimating risks. A robust cyber protocol involves having a cyber-aware and educated employee, using up  to date and renewed training resources. At RSM, we focus on covering the key areas of cyber risk: people, process, and technology.

Our package includes a user-based security policy and a user education module, ensuring that both current and new employees, contractors and locums have access to the right resources to prevent damage.

We also provide a customizable user awareness training package that covers topics such as phishing awareness, safe internet browsing, and best practices for handling sensitive information. This service includes 8 hours of a  consultant’s time to assist with the customisation of the  security policy and running one training session. These training materials are designed to be engaging, easy to understand, and relevant to small businesses.

Our cutting-edge technology solutions provide robust protection for your business. Here's an overview of the key features:

Secure Web (Web Proxy with Isolation) - In today's rapidly evolving threat landscape, relying solely on traditional approaches poses risks. Cyber threat actors have become increasingly sophisticated and elusive, leveraging emerging technologies like generative AI to exploit vulnerabilities in traditional cybersecurity setups. It's no longer efficient for customers to play catch-up with these threat actors, identifying them only after damage has been done.    
With Menlo Security's isolation technology, we ensure that all web traffic is prevented from reaching our customers' devices. However, this doesn't mean compromising on loading speed or user experience. Our solution allows customers to view a rendered version of web traffic, providing a safe and seamless browsing experience while mitigating the risks associated with cyber threats.    
Stay one step ahead of known and unknown threats with our Secure Web Gateway and remote browser isolation (RBI). Our solution ensures true Zero Trust by containing malware and compromised sites within our Isolation Platform, preventing them from reaching your users. Enjoy the freedom to safely access websites that may have been blocked otherwise. Our Secure Web Gateway is a managed cloud service that seamlessly integrates with your existing infrastructure and supports all devices, including mobile users. It includes:

- URL category filtering controls to allow access to business-related sites and prevent access to inappropriate or dangerous ones. 
- Remote browser isolation capability for safe viewing of websites and risky web content like JavaScript and Flash. 
- Content inspection using next-generation AV and cloud sandbox. 
- File upload and download controls, document and archive isolation, and measures to prevent file-based attacks. 
- Control over browsers and versions used by your employees. 
 

Email Security -  ensure that only safe content reaches your endpoints through our comprehensive email security solution. We protect you from malicious links and attachments in emails by transforming and passing them through our Isolation Platform. Our time-of-click analysis determines if a page is confirmed malicious or suspicious, and we can also enforce Read-Only Isolation to prevent users from entering sensitive information like credentials. Our email security features include:

- Zero-hour credential phishing protection, even for unclassified or benign sites. 
- Rendering links in read-only format to prevent users from inputting credentials into suspicious sites. 
- Customizable banners that provide teachable moments. 
- Prevention of attackers from hijacking email accounts or accessing sensitive data.

Cloud Firewall - simplify and scale your firewall controls with our cloud-based solution. Our Cloud Firewall delivers unmatched security and firewall policies to all employees, regardless of their location or the ports and protocols used. In the modern work-from-home era, traditional physical firewall appliances are no longer sufficient. Our Cloud Firewall offers:

- Control over which ports and protocols can communicate over the Internet. 
- Traffic restriction based on source, destination, and service. 
- Utilization of publicly available threat intelligence feeds.

Secure Remote Access -  deliver a secure remote user experience without compromising productivity. Our solution provides secure access to web applications for trusted and untrusted users and endpoints. It allows easy access to apps needed for job functions, regardless of the network used. Key features include: 
- Secure access to applications for third parties, contractors, or BYOD devices. 
- Built on the Menlo Isolation CoreTM, integrating enhanced security directly into application access. 
- Granular application access controls, such as read-only or preventing uploads/downloads within applications.

Cloud Access Security Broker (CASB) - take control of your SaaS applications and ensure safe content delivery to endpoints. With our CASB solution, you can monitor and manage both sanctioned and unsanctioned SaaS applications. Gain visibility into SaaS usage and enforce appropriate usage within your organization. Key features include:   

- Allow, block, or isolate cloud apps based on policy settings. 
- Place risky, unsanctioned cloud apps into read-only mode. 
- Protect company data from accidental uploads or malicious extraction to the web.

DLP (Data Loss Prevention) -  achieve real-time visibility and prevent data exfiltration over the web. Our DLP solution includes over 300 predefined data dictionaries, including many tailored for the Australian market. Key features of our DLP offering include: 
- Prevention of data exfiltration from users copying content to personal email accounts and online file storage. 
- Detection and prevention of sensitive data exfiltration via file uploads and data input. 
- Built-in and custom queries, reports, alerts, and event logs for detailed insights into potential data breaches.

Service Prerequisites - To ensure a successful onboarding process, we require a short tenant setup request form to be completed and returned by the customer. For integration with remote sites, branch offices, etc., over SD-WAN networks, an IPsec tunnel needs to be established to Menlo Security. If small sites connect via a Telecommunications (Telco) provider supplied router, a change request may be necessary, with potential additional charges from the Telco. Firewall rules may also need modification to allow access to the Menlo Security Global Cloud Proxy and Isolation Platform. Further deployment requirements will be provided prior to onboarding based on the selected service offering.