Quick and simple ways to boost your business in just 10 minutes
For the seventh in our Take 10 series, we’re looking at some of the most common cyber security threats facing small businesses in the UK today, and outline 5 simple measures to help protect your business from cybercrime.
One in four businesses reported a cyber breach or attack last year
The internet has revolutionised the way businesses interact and attract customers, and many business owners feel it’s a critical part of their success. However, despite the internet’s many benefits there are security risks involved too – particularly around online security.
Government statistics warn that one in four businesses reported a cyber breach or attack in the past 12 months, and the latest Security Breaches Survey found the average cost of a severe security breach for a small business was between £75,000 and £310,800, up from £115,000 in 2014.
Statistics like these and the invisible threat of cyber crime can make it seem daunting. However, just like installing a security system in a high street shop, there are simple measures you can take to help safeguard your business against online criminal activity. To adequately protect your business, it’s data and reputation, it’s important to first have an understanding of the different types of online threats.
A cyberattack is any type of attempt to damage, destroy or gain unauthorized access to a business’s computer network or system. The perpetrator is often referred to as a ‘hacker.’
There are many different types of cyberattack, including:
Cyber fraud: attackers impersonate legitimate entities in order to commit fraud. An example of this would be an attacker impersonating a senior member of staff in an attempt to convince an employee to transfer company money for a seemingly legitimate business purpose.
Denial of service attack: DoS occurs when an attacker floods a website with more requests than it can respond to at one time so the website becomes unavailable. If customers cannot access your site, they may not be able to do business with you.
Hack attack: an attacker may compromise the confidentiality, integrity, or availability of a business’s network or data by exploiting a vulnerability in their cyber environment.
Ransomware: a type of malicious software, typically received by phishing email, which blocks access to computer systems until a ransom is paid.
Any combination of these cyberattacks could cause significant damage to a business of any size. Although unfortunately it’s thought that small businesses are seen as an easier target by cyber criminals, as they have more digital assets than an individual, but traditionally less security than a larger company. To help keep your business cyber secure, we’ve put together the below top 5 tips.
5 ways to ensure your business is more cyber secure
1) Use strong and unique passwords
It’s tempting to use an easy-to-remember password, like your birthday or mother’s maiden name, across multiple accounts. However, using a strong password, which includes both uppercase and lowercase letters, a number and a symbol, and unique passwords for each system, can help slow or even prevent unauthorized access to your computer or business systems. Password manager tools can help you generate and remember complex passwords.
2) Install and run antivirus or antimalware software
Antivirus or antimalware software is designed to detect viruses and malware and can help protect against or quickly identify viruses and malware on a computer system. Not every type of cyberattack can be prevented with antivirus or antimalware software, however installing and maintaining it can help minimise the risk of compromise.
3) Cultivate security-conscious staff
I’m sure we’ve all at one point sent an email to the wrong recipient accidentally, and although in some cases it might just cause embarrassment it could also have serious security implications for a business, if data were to land in the wrong hands for example. It’s important to establish a security-conscious culture as your employees have a critical role in maintaining business security. To assist, the Government provides free online cyber security training courses, which take between 45 – 75 minutes to complete, specifically designed for staff at small businesses.
4) Have a plan for when problems arise
However prepared you are there will be security incidents that arise from time to time, whether it’s your internet going down or an employee losing their work phone on a train. Having a plan in advance could help reduce the incident’s impact, support business continuity and will improve customer and stakeholder confidence. To help you put together a policy, the Department for Business Innovation & Skills have put together 10 steps for incident management.
5) Mitigate potential losses with cyber liability insurance
As part of your risk management plan, businesses can purchase cyber liability insurance which can mitigate losses from a variety of incidents, including data breaches, business interruption and network damage. Before you buy, it’s important to investigate which risks are covered by insurance packages, including your current policies, and that any new policy covers your true cyber exposure.
The overwhelming message from experts is that businesses should be prepared for a cyber security breach at all times. To help businesses stay one step ahead, the UK Government publishes a wealth of information including:
51% of businesses are yet to achieve a Government Cyber Essentials badge
There’s also a new Government-backed scheme, the Cyber Essentials badge, to guide businesses in protecting themselves against cyber threats. This typically costs around £300 to complete and provides customers that do business with you confidence that you’re taking important steps in protecting the cyber security of your business.
We hope you found this post useful. In the next instalment of Take 10, we’ll be looking at how to upskill your sales team.
The Funding Circle team