SMEs understand that cyber security represents a financial risk, but I hear from many of my clients that they are overwhelmed by the prospect of acting to protect their business.
And this phenomenon is confirmed by recent government research. In its report, titled: Cyber security breaches survey 2017, it revealed that of the 46% of companies which admitted they had detected a security breach in 2016, these events had, on average, cost them £1,380.
Tracking these incidents is a challenge because few businesses report them, it showed, with only 26% providing details of their most disruptive breach to anyone except their cyber security provider.
Everyone is a target
So why are we business owners so secretive about these cyberevents? Every week, clients tell me that they are too small to be targeted by cyber criminals or that they don’t have anything worth stealing.
Others don’t see themselves as being an online type of business, again evidenced by the report above, as it shows that small firms are much less likely to see online services as a core part of their offering.
I tell all my clients the same thing – that they are all potential targets for cyber criminals. But, at the same time, there’s no need to panic. Protecting your business is a matter of best practice.
How to protect your business from cyber-crime
So, here are my top five tips for managing cyber risks to your business:
1. Educate yourself and your people: the aim of a cyber attack may not be to steal information but to cause a disruption or con employees into transferring money. People are both your greatest strength and your weakest link. Training and communication are key.
2. Remember you are a link in a chain: we are all so connected, that it’s essential to make sure that your suppliers are also well prepared. The upside is that being able to prove you encourage best practice throughout the supply chain will be a selling point to your own customers, however.
3. Don’t get soft on your ‘ware: make IT a priority in management meetings. Report any cyber attacks to the board and make sure your virus software updates and patches are up-to-date.
4. The word on passwords: it is annoying, but important to regularly change your passwords and to use a good combination of characters, cases and symbols.
5. Encourage everyone to question who you are: as the owner, you will be a prime target for fraudsters hoping to con your employees into transferring money. Be the kind of boss who encourages people to check if an email really is from you by text or phone.
As a business owner, what is your biggest concern when it comes to cyber security?