You might think that cyber criminals are not interested in your business, especially if you are a small business or just starting out, but you would be very much mistaken. Small business owners who have not implemented a thorough cybersecurity plan are running the risk of finding themselves with real problems. In some cases, this could even leave them without a business to protect.
It has never been more important for business owners to consider cyber security for their business. While there have been numerous catastrophic breaches of global businesses and government departments in the news in recent months, these are only the tip of a very big iceberg. They are the big, highly visible, events that we see on the surface. Below them is mass of smaller, less media friendly, attacks that are destroying lives and businesses around the globe.
Cyber criminals look for easy targets they can pick off in a shorter time frame than the more complex attacks required to compromise a large corporate. The reward for hacking a large corporation is certainly likely be higher but it is harder to do, far more time consuming and more likely to lead to the exposure and arrest of the perpetrators.
Small business owners need to be proactive with their cyber security if they want to survive and thrive. One small business in the UK is hacked every 19 seconds so it is no longer a legitimate option to simply react to these attacks.
The statistics showing the most common breaches are frankly a wake up call.
- 62% of breaches featured hacking (81% of hacking-related breaches leveraged either stolen and/or weak passwords)
- 51% included some form of malware
- 43% were social attacks
- 14% were due to errors
- 14% because of privilege misuse
- 8% were caused by physical actions
To give a stark view of what these means to business, at the time of writing this, the National Fraud Intelligence Bureau (NFIB) Fraud and Cyber Crime Dashboard reported 498,862 reports resulting in a loss of £2.6 billion in the previous 13 months. The highest point was July 2020 with 36,160 reports and a loss of £414.7 Million, at its lowest point of May 2020 the report was still a hefty 29,394 and a loss of £122.9 million.
So, what can be done to mitigate the risk of being a victim of cyber crime.
- Realise you are a target
Start by recognising that you are a potential target and taking positive steps to reduce the risk.
- Keep your systems and processes up to date
Let’s face it software updates are annoying, there is no getting away from it and yes, they will happen at the worst time, normally when you are in a rush. But software updates are a key factor in maintaining a secure computer system.
- Scrutinise every email
Regardless of who that email looks to be from review it before you click any links or open any attachments. It can only take one wrong click of a mouse button for your system to be compromised.
- Forget pet/friend/family names
People are creatures of habit. All too often the need for a new password will result in the use of something personal. It is time to forget those pets, friends and family member names and start using more secure passwords. Many internet browsers and password managers will suggest secure passwords for you.
- Back up your data
This is a key factor in both business and personal life. If your data in important to you then you need to be backing it up and more importantly testing the back up to make sure it will be there if you need it.
- Give your homeworkers business security knowledge
The pandemic precipitated one of the biggest changes in how we work in a matter of days. The shift to the workplace to from home working forced many of us on to the kitchen table or into the back bedroom office without giving us the time to take things like security into account. Reviewing how your team works at home is the key factor when it comes to ensuring that you, your data and your staff are secure.
- Do not let a Social Media post become a gift for cyber criminals
People are social and COVID-19 made social media even more key to how we interact with other people. For years people have been happy to post their daily run, dog walk times or check ins to venues, but all this information is a gift to both cyber criminals and criminals in general. Before you post a status consider how others will read the post. Is knowing that you run the same route at the same time of the day really a beneficial post for the world at large? It certainly is for criminals who know you are not at home.
- Get your people cyber aware
When you look at the stats above you see that a lot of these attack methods are caused by people not being cyber aware. Invest in training sessions for team as it may well just save your business in the future.
The list above is a brief insight into the things to be aware of. If we tried to cover everything we would have been here for a long time. While it would have made for an interesting read it would have only carried on enforcing the same point. As a business owner, no matter how big or small the business, you need to be investing in cyber security from day 1 and not sadly reviewing it as you try to patch together your business after a breach has occurred.
- So cyber criminals are not interested in me, are they? - June 28, 2021
- How secure are your remote workers? - February 28, 2021
- The basics of IT security - July 28, 2020