Many small firms think that cyber security is something that will never be an issue for them and that it is large firms that are the target of electronic criminals.
Yet the most recent “Cyber Security Breaches” survey from the UK shows that 42 per cent of small businesses (employing less than 50 employees) have been breached in the last 12 months with a fifth of these firms taking a day or more to recover from the breach. And whilst three quarters of the owners of small firms consider cyber-security to be a high priority, only 26 per cent have a formal cyber security policy and less than one in five train their staff to be cyber aware.
Whilst there can never be a guarantee that an organisation cannot be hacked, the UK Government has recommended a few simple techniques can at least help to protect the business from all but the most determined hacker.
First of all, employees should download software and app updates as soon as they appear as most of these contain vital security upgrades that keep devices and information safe.
Secondly, there should be a policy of using strong passwords made up lower and uppercase letters, numbers and symbols to protect systems from being entered
Thirdly, any suspicious emails should be deleted immediately as they may contain fraudulent requests for information or links to viruses. Most security breaches are initiated via malicious emails and at the very least, installing anti-virus software on all devices can prevent infection which can result in loss of trade.
Finally, whilst the responsibility for security lies with the owner manager of the business, it is important that all stakeholders are be made aware of cyber security threats and how to deal with them. This includes not only staff but also customers and suppliers (although only 12 per cent of businesses require suppliers to adhere to specific cyber security good practice).
Given that attacks on businesses are increasing, this whole issue of cybersecurity is being taken seriously by the UK Government and it has already introduced the Cyber Essentials scheme, supported by industry, which helps firms to develop a basic level of protection against cyber-threats.
These include building firewalls to prevent unauthorised access to or from private networks, configuration of systems to ensure security, ensuring appropriate access by staff to the firm’s systems, up-to-date virus protection, and using the latest supported version of software and applications.
More importantly, this process will help companies to begin identifying areas for cybersecurity improvement in the future and demonstrate to customers that they take this issue seriously.
Businesses would never leave their premises open at all hours without anyone there or their cash in the tills overnight. Yet in a world where more and more business is being done online, the importance of protecting your business from electronic thieves seems to be something that many firms still need to address properly.
Certainly, an attitude by senior managers of “it won’t happen to me” is not acceptable in a world where cybersecurity is becoming one of the key concerns for all firms operating online and it is critical that businesses, both large and small, should prioritise not only the technical solutions to this vital issue but also in terms of educating both staff, suppliers and customers on the role they can play in safeguarding the company.