In this second part of a two-part series, Hawaiian Telcom security operations manager Jaspher Respicio continues to answer questions about strengthening cybersecurity for small and medium-size businesses, or SMBs, which are increasingly targeted by cybercriminals.
Question: How can SMB owners train employees to be more cybersecurity aware?
Answer: Ongoing training is a must. Use real-world scenarios that employees can relate to, like phishing emails that appear to come from a local business or client. Gamify the learning process to keep engagement high and provide short, frequent training sessions instead of long, one-time events. In Hawaii we have a strong sense of community, so emphasizing how one person’s vigilance can protect the whole business and the customers they serve is very effective.
Q: How can AI and automation help improve SMB cybersecurity posture?
A: AI and automation can provide continuous monitoring and quicker response times, which are especially beneficial for SMBs that don’t have a 24/7 security team. Automated tools can help with things like detecting anomalies, managing patches and responding to low-level threats. Modern cybersecurity solutions use AI and machine learning, and offer advanced protection tailored to SMB needs without requiring a large security team.
Q: What should SMB owners look for in a cybersecurity service provider?
A: Look for a provider with experience working with SMBs in Hawaii. They should offer comprehensive services, from monitoring and incident response to compliance support. It’s important that they understand the unique challenges faced by local businesses, like remote access needs and disaster recovery planning. Transparent communication and a willingness to work closely with you to improve your security are key.
Q: How do SMB owners ensure a safe Wi-Fi experience for their employees and guests?
A: Use WPA3 encryption and strong, unique passwords for your employee network. Set up a separate, isolated guest network to prevent unauthorized access to business systems. Regularly update your router firmware (software embedded in hardware to help it operate effectively) and disable unnecessary features like remote management. Implement a captive portal (web page that users must interact with before accessing your network), to control access and display terms of use. For businesses in high-traffic areas, this is especially important to protect your network while providing a good customer experience.
Q: What advice would you give to an SMB looking to build more robust cybersecurity?
A: Start with the basics: strong passwords, multifactor authentication and regular software updates. Conduct a risk assessment to identify your most critical assets and vulnerabilities. Invest in employee training to make sure that your staff is aware of common threats like phishing. If you don’t have an in-house IT team, consider partnering with a local expert who understands the unique challenges facing businesses in Hawaii. Building a solid foundation now will help prevent costly incidents down the road.
Q: What resources (e.g., tools, websites and communities) do you recommend for SMB owners to stay informed about cybersecurity?
A: The SANS Institute and the National Institute of Standards and Technology provide excellent guidelines, training and alerts on emerging threats, making them great starting points for SMBs. For real-time discussions and insights, Reddit communities such as r/ sysadmin and r/netsec are active forums where professionals share experiences and advice. Regularly visiting these resources will keep you informed and better prepared for evolving cyberthreats.