Strengthening digital defences: Top cyber security tips for Zimbabwe’s SMEs

As we conclude Cyber Security Awareness Month, enjoy this guest post by Lorreta Songola.

October is Cyber Security Awareness Month, a global initiative to raise awareness about the importance of cyber security. Africa has become a fertile hunting ground for attackers looking to exploit weaknesses in organisations’ cyber defences and Zimbabwe has not been spared. 

One of the myths surrounding cyber security is that small and medium-sized enterprises (SMEs) don’t need it to the same extent larger enterprises do. On the contrary, SMEs are an attractive target for cybercriminals because they’re perceived to have weaker security measures – and the impact of a successful breach can be devastating.

For Zimbabwe’s SMEs, partnering with a cyber security provider is key. Preferably one with vast experience in safeguarding SMEs’ assets.

These are some of the top cyber security best practices, aligned with global standards, that Zimbabwe’s SMEs should be implementing:

Governance – Leadership must drive the process

• Zimbabwe’s SMEs need a cyber security risk management strategy driven from the top and managed by a dedicated official who can identify and act on problems immediately.

Identify – Know your critical digital assets 

• SMEs must keep an inventory of hardware, software, and sensitive data and identify potential vulnerabilities. Role-based access control to these records and assets is a good idea.

Protect – Prevention is the strongest defence

• Weak or stolen passwords are a common entry point for cybercriminals. Employees must use complex passwords that combine letters, numbers, and special characters. Multi-factor authentication and regularly updating systems provide an added layer of protection. 

• Breaches are often due to human error or a lack of awareness. Training employees to identify phishing emails, create strong passwords, and report suspicious activities helps safeguard against these risks and build a culture of security awareness. 

• Unsecured Wi-Fi networks are an open invitation to cybercriminals. Strong encryption that ensures only authorised devices can access the network, and a separate network for guests are some solutions to this challenge. 

Detect – Be prepared for cyber threats at any time

• Firewalls and antivirus tools must be kept updated to protect against the latest threats. Proactively monitoring network traffic helps detect suspicious activities early, while intrusion detection and prevention systems guard against real-time threats.

Respond – Be ready with a response plan

• Having a response plan can minimise damage in a cyberattack. It should outline the steps to take during a breach, who to notify, and what actions to take, ensuring everyone understands their role.  

Recover – Rapid recovery is essential to business continuity

• Regular backups and a clear recovery plan ensure that a business can get back on its feet quickly after a cyber incident. Back up critical business data to a secure off-site location. 

About the writer:

Lorreta Songola is the Regional Chief Commercial Officer, Central African Region for Liquid Intelligent Technologies 

Also read:

• Back to Basics: Why Cyber Hygiene Still Matters in the Age of AI and Evolving Threats
• Zimbabwe is third most attacked country in the world because cybersecurity is a joke to us
• Cybercriminals hack ZESA and have control of critical systems and terabytes of sensitive data?