Protecting your Business from Cyber Attacks

Troy Gerrie • June 5, 2023

In today's digital age, businesses of all sizes are vulnerable to cyber attacks. Small and medium-sized businesses (SMBs) are particularly attractive targets for cybercriminals due to the lack of enterprise-grade security measures which are historically considered out-of-reach compared to larger organizations. However, with the right strategies and a layered approach to security and access to modern tools, SMBs can significantly reduce the risk of falling victim to cyber attacks. In this article, we will discuss various measures that SMBs can implement to protect their business from cyber threats.

Secure Backup and Recovery

One of the most critical aspects of cybersecurity is ensuring secure backup, recovery and continuity of business information. Regularly backing up your data and storing it in a separate location, preferably off-site or in the cloud in an isolated fashion, can help mitigate the impact of ransomware attacks or hardware failures. By having up-to-date backups and a fool-proof Disaster Recovery plan, you can restore your business information systems rapidly to minimise downtime.

Patch Management

Keeping all software, operating systems, and applications up to date with the latest patches and security updates is essential to protect your business from known vulnerabilities. Implementing a comprehensive patch management strategy ensures that your systems are fortified against potential exploits.

Multi-Factor Authentication and Identity Management

Implementing multi-factor authentication (MFA) provides an extra layer of security by requiring users to verify their identities through multiple factors, generally via an App on the users Cell phone. This makes it significantly harder for cybercriminals to gain unauthorized access to your business systems or sensitive information. Coupled with robust identity management practices, such as Conditional requirements upon sign-in, MFA enhances your overall security posture.

Device Management and Endpoint Detection and Response

As the number of devices connected to your network increases, so does the potential attack surface for cyber threats. Implementing effective device management practices helps ensure that all devices connected to your network, including employee-owned devices, adhere to security policies and are regularly updated. Endpoint detection and response (EDR) solutions provide real-time monitoring and threat detection capabilities, enabling prompt action against potential security incidents.

E-Mail Hygiene

Human error remains one of the leading causes of successful cyber attacks. Educating your employees about cybersecurity best practices is crucial first-layer defence in reducing the risk of falling victim to phishing attempts, social engineering, or other forms of manipulation. Regular security awareness training sessions can help employees recognize and report suspicious activities, strengthen password hygiene, and develop a security-conscious mindset.

Firewall and LAN Management

Securing your business's email infrastructure is crucial for preventing email-based attacks. Implementing Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) protocols are all some strategies can help authenticate and verify incoming and outgoing emails, reducing the risk of email spoofing, phishing, and other email-based threats.

Password Management

Weak and reused passwords are a significant security vulnerability. Encourage your employees to use strong, unique passwords and implement a password management policy. Consider utilizing password management tools or password vaults to securely store and manage passwords.


Securing your business from cyber attacks is an ongoing process that requires a layered approach to address various vulnerabilities. By implementing secure backup and recovery practices, effective patch management, multi-factor authentication, device management, security awareness training, email hygiene, firewall and LAN management, and password management, SMBs can significantly enhance their cybersecurity posture. Remember, security is a journey, not a destination. Stay vigilant, adapt to evolving threats, and regularly review and update your security measures to protect your business from the ever-growing cyber threat landscape.


More information on the security critical 8 and what's involved.

Recent Posts

Cyber security in small-town NZ: why it’s time to pay attention

March 26, 2025
If you think cybercriminals only go after big corporations in major cities, think again.  The majority of incidents recorded by the NCSC impact individuals and small to medium businesses, proving that cyber threats don’t discriminate based on location - they target opportunity. With over 23,000 reports to the Netsafe helpline, and $17.8M in losses reported last year, small-town businesses are very much in the spotlight. In the past few months alone, three local accounting firms in regional New Zealand have suffered a data breach,and local ISP - Inspire was recently the target of a malicious cyber attack.

What's happening at Yorb - Q1 2025

March 21, 2025
We've had a flying start to the year, and given we're really just past the point where you start to realise what day it actually is, we thought we'd share everything we've been working on lately. 2024 In Review As we reflect on 2024, it's clear that this year has been one of remarkable achievements and significant advancements for Yorb. We were very proud that we won the Reseller News Innovation Awards in the Regional Partner Category, a testament to our commitment to excellence and innovation. AI has continued to dominate the headlines, with some businesses making great strides in how they work and interact. However, the majority are still grappling with understanding the full impact of this technology on their business, industry, and society. As we navigate this evolving landscape, companies must adapt to the security implications, ensure the integrity of data, and adjust to changing work and consumer patterns. In line with our commitment to security, we launched our new Security Platform, Yorb Defender 2.0. Designed from the ground up to be Essential 8 compliant, we believe this solution is now a best-in-class product that meets the requirements of modern business. 2025 Looking Forward Looking ahead to 2025, we have set ambitious goals following the EOS business framework. Our recent Annual Planning has helped us develop our 10-year, 3-year, and 1-year goals, with a strong focus on several key areas: Client Experience: We are dedicated to ensuring that every interaction with Yorb meets and exceeds your expectations. Automation Platforms: We will continue to develop our automation platforms to provide more consistent and efficient service. Investing in New Technologies: Our focus will be on AI, Hyper-Automation, and Data Governance to stay ahead of the curve. Team Development: We are committed to investing in our team, ensuring they receive the best skills training in technical, people, professional, and business areas. We will are also excited to be launching business peer groups focussed around AI, bringing together business owners and leaders from across the regions to explore what the future holds for all of us. This year we are injecting new energy into our Total Support agreement, we believe there is more to our partnership than phones calls, Teams Conferences and remote support. We are therefore introducing ongoing scheduled visits as part of the contract, alongside a productivity focus with scheduled access to our development team. Kicking off this year will be monthly seminars on topics such as Security, AI, Productivity, we want to hear what topics matter most to you. Look out for your invite in the coming weeks. I’m incredibly excited by 2025 and the opportunities it brings, we call breath a collective sigh that 2024 is behind us lets get cracking on what promises to be a great year. Daniel Goymer CEO

Getting the most out of your IT provider webinar

March 12, 2025
Your IT provider should be a key partner in helping your business grow—but are they delivering real value? In this webinar, Kristal Jamieson, Marketing Manager at Yorb, sits down with Aaron Smith from Morphability to discuss how businesses can assess their IT providers, spot red flags, and ensure they’re getting the best service possible. Aaron has spent over a decade working with Managed Service Providers (MSPs) and now specialises in helping them refine their sales and growth strategies. With firsthand experience in how MSPs operate and evolve, he shares valuable insights on what to look for in an IT provider, what to avoid, and how businesses can maximise their IT investments. Join us as we dive into the key considerations for choosing and managing your IT provider effectively.
Share by: