How to protect your business against cyber attacks
Lisa Ventura, founder and CEO of the UK Cyber Security Association, looks at how cyber attacks impact businesses and SME’s, how sophisticated they are and what can be done to prevent them
According to a recent study undertaken by Barclays Bank the average cost of each cyber attack is more than £1,000 per attack, and 29 per cent of cyber attacks and attempts against small businesses and SME’s are successful. What’s more, 10.6 per cent of those who took part in the study revealed that they had been victims of a cyber attack, and 8.58 per cent of these had to make staff redundant to cover the cost of what happened to them. With 43 per cent of all cyber attacks and hacking attempts being against small businesses and SME’s, this is an area that is fast become one that can no longer be ignored.
A cyber attack is any criminal act against computers and networks and is often called hacking. It can also cover more traditional crimes conducted through the internet. Some common types of cyber attacks against businesses can include computer system attacks, malware, ransomware, business identity theft, phishing, web based and denial of service (DDoS) attacks. These kinds of attacks have the potential to inflict enormous damage to growing businesses, especially those who operate on small margins. However, many small businesses and SME’s do not have this as one of their main priorities, with other areas such as HR, accounts and investor pitching often taking precedence.
With cyber-attacks continuing to increase at an alarming rate and evolve beyond disruption towards specific objectives such as targeted data theft, they are now becoming more and more sophisticated. As such, traditional approaches to cyber-security are fast becoming ineffective. Perimeter-based security, detecting and blocking what comes in and out of the environment, is no longer adequate in stopping cyber attacks. 2018 is fast becoming the year in which CEO’s can no longer ignore the growing cyber threat. Cyber security and the prevention of cyber attacks is now everyone’s responsibility.
Securing your business from cyber attacks Regardless of what industry your business operates in or the size of your business there are some simple steps you can take to help safeguard against potential cyber attacks. Ensure your systems are up to date at all times - While there are many valid reasons why small businesses and SME’s struggle to keep their systems up to date including the cost of doing this, ensuring you are running the latest version of Windows, Mac OS and other software is crucial. By updating your systems on a regular basis major issues are often fixed, and you are less likely to be compromised by a cyber attack.
Back up, back up, back up and back up again - while in the past backing up company data was a laborious process, cloud storage solutions today are affordable, simple and fast. There are huge benefits to storing your data on the cloud and while there is still a small risk that these can still be compromised your data will be protected against certain types of cyber attacks such as ransomware. It is vital you take complete back ups of your company files and data on a regular basis.
Knowledge is key: Educate your staff – the more training and awareness that your staff have of cyber fraud, the better equipped they will be to safeguard against potential attacks. With small businesses and SME’s being more reliant and dependent on the internet than ever before, it is vital that you train all your staff to be cyber aware at a minimum. Conduct regular risk assessments – while there is much you can do to help protect your systems and business from cyber fraud internally, having regular risk assessments undertaken by a professional may highlight any areas that may have been overlooked. Cyber Essentials is a great place to start for this.
Introduce a password policy – insecure passwords can often be an organisation’s weakest link, so review these regularly. Introduce a password policy that forces your employees to change their passwords frequently.