Business environments are becoming increasingly complex, with an array of challenges that could impact a company’s potential to grow. We look at what small businesses can do to protect themselves against the threat of cybercrime.
One of the key findings of PwC’s 20th CEO Survey Research is that UK business is experiencing a high state of alert over cyber threats. Of the business leaders surveyed, 76% identified cybercrime as the second biggest threat their company is currently facing, while 97% say their organisation is currently addressing cyber breaches affecting business information or critical systems.
Cybercrime poses a threat to your business’s integrity
With many small businesses carving their niche in the online space, and selling their goods and services via their own e-commerce site, it’s never been more important for SME owners to ensure their company is protected against cybercrime. Your customers want to be reassured that the data they share with you is safe, and suffering a security breach can have a devastating impact on the way your brand is perceived. This year, Bupa, Three and Sports Direct are among the brands who have suffered the PR nightmare of having to regain consumer trust after their software was hacked, and it’s not just big players who need to protect their integrity by ensuring they have adequate data protection plans in place.
The National Crime Agency has warned that criminal cyber capability is outpacing the UK’s collective response, and SMEs have been especially slow to react to the potential threat of a security breach. While 33% of small businesses see developing their online presence as a key opportunity area for the year ahead, they are more than twice as likely not to have cyber insurance (6%) as their medium-sized counterparts (13%).
How do security breaches happen?
Hacking or malware
When an unauthorised person gains access to a computer, server or smartphone through the use of a malicious program. Trojans and worms are famous versions of malware. Password attacks also come under this category, where cybercriminals run a program that tries multiple passwords in order to gain access to data.
Examples include forwarding sensitive information to incorrect recipients, publishing private data to public web servers, and carelessly disposing of confidential documents. In addition, lost, discarded or stolen mobile devices – such as flash drives, laptops, smartphones and tables – can also potentially lead to a security breach if they land in the wrong hands.
Outdated systems and applications
Old software and web browsers can cause serious security concerns. Attack methods become more advanced each year, and hackers are always looking for new ways to exploit systems and applications vulnerabilities.
Usually targeting organisations that rapidly need access to information, such as the NHS, this is where a hacker gains access to a system and locks it. Instructions to pay a ransom are left in the virus itself and the money is either collected or the information is lost.
This is where cybercriminals request sensitive information by making a website or email request that looks official but is in fact fake.
Make your SME safe and stay ahead of competitors
You can ensure your business is protected against cybercrime in two key ways:
Having a clear plan
A good cybersecurity strategy outlines an organisation’s commitment to – and, most importantly, method of – delivering effective cybersecurity. Assess the risks to your organisation’s information assets with the same focus as you would for other risks such as legal, regulatory and operational threats.
Having the right software in place
Download software and app updates as soon as they appear, as they will likely contain vital security upgrades that can keep your devices and data safe, and focus on your network security by monitoring traffic for unusual or malicious incoming and outgoing activity that could indicate an attack (or attempted attack). In addition, install anti-virus software on company computers, tablets and smartphones to help prevent infection. Lastly, having taken the above elements into consideration, it can also be useful to have a back-up of your data on an external hard drive or cloud-based service.
Educating your people
Make your team are aware of cybersecurity threats and how to spot them. Share best practice regarding passwords strength and how to handle suspicious emails that might contain fraudulent requests for information or links to viruses.
If you enjoyed this week’s blog, feel free to check out our recent blog on the cosmetic industry here.