Small businesses warned over cyber security lapses

Share this post

A recent report has shown that Britain’s small and medium-sized businesses are not prepared for the increasing risk they face from cyber attacks.

With Ransomware and DDoS attacks taking place on some of the biggest companies in the world in recent years, improving cyber security should be near the top of the list for any business owner.

Webroot’s research suggested that 79% of SMB’s said they were not fully confident in their ability to deal with a security breach.

That is concerning reading, considering that according to a 2017 Ponemom Institute Study, 61% of SMB’s have suffered some form of breach in the past 12 months.

More important than ever to protect your assets

Regardless of what sort of business you operate, whether you are personal training, or dog walking, ensuring your website and online data is secure is paramount to your operation.

Small businesses may believe they are unlikely to be targeted by cyber crime, but the very fact that they are less likely to have such sophisticated security in place means the criminals may have an easier time of things.

Attacks can come in a variety of ways, from data theft to the obstruction of a company’s website. Both have financial risks attached to the company, but the latter could affect businesses two-fold.

Losing client data not only means the loss of a customer’s trust, but with new GDPR rules, lackadaisical security arrangements could result in you being hit by a fine.

Any data breach must be reported to the ICO within 72 hours of it occurring. Subsequently, if the business is found not to have secure arrangements in place, or are deemed not to have a satisfactory procedure in place to deal with breaches, the ICO have the power to fine that business.

Staying ahead of the game

Cyber attacks and the criminals that carry them out are getting more and more sophisticated. That means, staying ahead of the game is tricky for small businesses that may not have the IT expertise or resources to do so.

However, through a structure of training among staff and an understanding of some of the risks involved with handling customer and client data, enterprises stand themselves in good stead should they suffer a data breach.

Understanding that breaches can come in a variety of ways, take many different forms and can infiltrate systems via a number of systems is vital to a small businesses preparedness.

Charlie Tomeo, Vice President of Worldwide Business Sales at Webroot explained; “Our study shows that the rise of new attacks is leaving SMB’s feeling unprepared.

“One of the most effective strategies to keep your company safe is with a layered cyber security strategy that can secure users and their devices at every stage of an attack, across every possible attack sector.”

There are a number of recognised courses on offer to improve a small business owner’s knowledge (or that of their IT department) on cyber security. Organisations such as the National Cyber Security Centre and the SANS Institute offer substantial courses on the risks of cyber attacks and security protocols for those looking for in-depth tutelage on cybercrime.

Other, less formal materials are also available from those organisations, tailored specifically to small businesses. A quick Google search will bring up numerous checklists for small and medium-sized businesses to improve their security.

Ultimately, a serious cyber attack against small enterprises is unlikely. However, it is the responsibility of those organisations to ensure that they are informed, aware and prepared, for the possibility that their cyber security arrangements could be tested, and potentially breached.