Improving SME Cyber Security

Uploaded on 2020-10-07 in NEWS-Cybersecurity News, FREE TO VIEW

Just because your business a small or medium sized enterprise (SME), that doesn’t mean it’s not a cyber attack target.  

In fact, SMEs have become a preferred target for cybercrime largely because many lack the time, budget and expertise to put comprehensive security defences in place. A recent British government survey estimated that the average cost of a small business’s cyber-attack can be between £65,000 and £115,000. 

 

SMEs are seen as much easier targets for cyber criminals than large multinational corporations, in part because many SMEs have a fairly basic understanding of their electronic security risks. While many think that cyber criminals focus their attention on big firms, the reality is that today’s automated scanning techniques, malware and botnets don’t care about the size of your company; they’re just too busy searching for vulnerabilities to exploit.

The 5.8 million small businesses in the UK make up 99.3 per cent of all private sector businesses. They contribute a staggering amount to the UK’s local and national economies, as well as being a major source of employment.

For all SMEs then there’s around a 1 in 2 chance that they will experience a cyber security breach.

If you want to improve your cyber security further, then you can also seek certification under the Cyber Essentials scheme, which has the benefit of demonstrating to your clients (or prospective clients) that you take the protection of their data seriously.

Cyber Essentials UK is a Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.

A 2019 survey by the UK’s federation of small businesses found that small businesses were collectively subject to almost 10,000 cyber-attacks a day, with one in five affected in the last two years. A study by the insurance firm, Hiscox, found that a cybersecurity breach could cost the average small business £25,700 in direct costs alone.

A recent study by IDG for Dell shows that businesses aren’t ignorant of these risks. When asked to name the biggest technology challenge they faced in the year ahead, 36% said security and compliance, while 28% said managing their IT in-house.

For many small businesses, simply managing and trouble-shooting their IT systems is hard work enough. Doing so while protecting against growing Internet threats only makes it harder. Yet there are things small businesses can do to improve their security and lock down their network without large investments or specialist skills.

Protecting Critical SME Resources

Hardware and software make up your frontline defences, starting with your wireless network. Make sure that any security features on any routers in the business are enabled, and that any default admin accounts and passwords have been switched for your own admin accounts.

Cyber security's core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access - both online and at work - from theft or damage. It's also about preventing unauthorised access to the vast amounts of personal information we store on these devices, and online.

Cyber security is important because smartphones, computers and the internet are now such a fundamental part of modern life, that it's difficult to imagine how we'd function without them. From online banking and shopping, to email and social media, it's more important than ever to stake steps that can prevent cyber criminals getting hold of our accounts, data, and devices. 

Businesses should also make data protection a priority. Encrypt data at rest on both internal and external hard drives, and look to secure any devices containing business data, including smartphones, with encryption, tracking, remote lock and remote wipe features. These features are baked into iOS and Android these days and supported by freely downloadable apps.

Cyber Training And Education

Most of all, security means education. Everyone within the company needs to understand the security basics, why they’re important and how to use encryption and secure authentication. They also need to know how to spot a phishing email or a bogus support alert.

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month. This is especially important when working at home and it is a cyber training program we recommend and has had excellent reviews by some large organisations. This training will significantly reduce your business cyber security risks. To register for a free trial Click HERE

Federation of Small Business:     NCSC:     NCSC:   Police UK:    Entrepreneur Handbook:   

Small Business:     Computer World:

You Might Also Read: 

Cyber Security Training For Employees:

 

 

« Remote Working Compromises Outbound Email
Is Slack Secure For Your Business? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

KnowBe4

KnowBe4

KnowBe4 is an integrated platform for security awareness training combined with simulated phishing attacks.

CERT-IS

CERT-IS

CERT-IS is the national Computer Emergency Response Team for Iceland.

AVG Technologies

AVG Technologies

AVG is focused on providing home and business computer users with the most comprehensive and proactive protection against computer security threats.

Cyber Risk Opportunities

Cyber Risk Opportunities

Cyber Risk Opportunities was formed to enable middle-market executives to become more proficient cyber risk managers so their organizations can thrive.

Taqnia Cyber

Taqnia Cyber

Taqnia Cyber specializes in the fields of cyber security, intelligence, operations, and training. It offers its services and consultations to both public and private sectors.

LEPL Cyber ​​Security Bureau - Georgia

LEPL Cyber ​​Security Bureau - Georgia

The aim of the LEPL Cyber Security Bureau is to create and strengthen stable, efficient and secure systems of information and communications technologies.

R2S Technologies

R2S Technologies

R2S can help you implement a cyber security framework to ensure your business is more resilient towards the growing threat of cyber crime. We provide Web and Mobile Application Security Assessment..

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

The Legal 500

The Legal 500

The Legal 500 Hall of Fame highlights, to clients, the law firm partners who are at the pinnacle of the profession. Practice areas covered include Data Protection, Privacy and Cybersecurity.

X-Ways Software Technology

X-Ways Software Technology

X-Ways provide software for computer forensics, electronic discovery, data recovery, low-level data processing, and IT security.

Mjenzi Cloud

Mjenzi Cloud

Mjenzi Cloud is a provider of cloud IaaS solutions including managed backup services, affordable & secure cloud virtual compute/storage/compute services, bare-metal services and cloud security.

Axiado

Axiado

Axiado Corporation is a security processor company redefining hardware root of trust with hardware-based security technologies, including per-system AI.

Jit

Jit

Jit empowers developers to own security for the product they are building from day zero.

ProArch

ProArch

ProArch is a global team of multidisciplinary experts in cloud, infrastructure, data analytics, cybersecurity, compliance, and software development.

Fivecast

Fivecast

Fivecast is enabling a safer world. We help organizations around the world explore masses of data to uncover actionable insights.

Cyver Core

Cyver Core

Cyver Core is a pentest management and pentest report automation platform that consolidates cybersecurity work, automates overhead, and frees cybersecurity professionals up for the work that matters.