According to a Cyber Securities Breaching Survey “around a third (32%) of businesses and two in ten charities (22%) report having had cyber security breaches or attacks in the last 12 months” and where a loss of data or assets occurred the average cost of that attack was £4,180.00
With the implementation of GDPR the need for online security has become even more vital and it is, therefore, important for organisations to both take steps to protect themselves and understand the types of attacks they face.
These include:-
Phishing – hackers masquerade as legitimate people or organisations and trick employees into opening infected emails.
Malware – will harm data and software within a server – will often be attached to phishing emails.
Hacking – gaining unauthorised access to computers and emails so data can be manipulated.
Keylogging – obtaining sensitive data by by taking screenshots and tracking keystrokes.
It is also useful for businesses to be aware of information and guidance available to them to help with the task of online protection as “only seven per cent of businesses and nine percent of charities have sought information or guidance from Government or public-sector bodies (such as the National Cyber Security Centre ). “ even though “75% say this information has been useful” and there is a wealth of good quality, valuable advice and information available.
So where should a business start?
The government have produced a Small Business Guide to Cyber Security that will help you to get the basics right quickly, easily and with little cost; including information on the importance of backing up data, how to avoid phishing attacks and protecting your organisation from malware.
https://www.ncsc.gov.uk/collection/small-business-guide
Free online Cyber Security training for businesses and staff is also available through FutureLearn – a course developed in conjunction with the Open University and is GCHQ certified.
This course will teach you to understand the legal and regulatory issues surrounding cyber security, how to recover from security failures and much more, helping you to “frame your online safety in the context of the wider world, introducing concepts like malware, viruses, trojans, network security, cryptography, identity theft and risk management”
Details can be found below.
https://www.futurelearn.com/courses/introduction-to-cyber-security
For larger businesses the National Cyber Security Centre have put together information on a ten step process to cyber security, which includes information on network security, monitoring and incident management.
https://www.ncsc.gov.uk/collection/10-steps-to-cyber-security
Finally the website – Get Safe Online – has lots of free expert advice on all aspects of online security.
https://www.getsafeonline.org/
Whilst we have to accept that all SMEs are at risk from cyber criminals, by taking the necessary steps and accessing the wealth of tools available to us we can do a lot to limit the dangers to our businesses.
Using good cyber security measures will help to protect your business, it’s reputation and ultimately lead to improved customer confidence.
It is also important to remember – especially during this Tax Return season – HMRC will never ask for personal details by unsolicited phone, email or text messages.
Disclaimer: The information in this article is provided for general information only and does not constitute legal or professional advice. We cannot accept responsibility or liability for any actions you may take, or not take, based on this information.