Improving SME Cyber Security

Uploaded on 2020-10-07 in NEWS-Cybersecurity News, FREE TO VIEW

Just because your business a small or medium sized enterprise (SME), that doesn’t mean it’s not a cyber attack target.  

In fact, SMEs have become a preferred target for cybercrime largely because many lack the time, budget and expertise to put comprehensive security defences in place. A recent British government survey estimated that the average cost of a small business’s cyber-attack can be between £65,000 and £115,000. 

 

SMEs are seen as much easier targets for cyber criminals than large multinational corporations, in part because many SMEs have a fairly basic understanding of their electronic security risks. While many think that cyber criminals focus their attention on big firms, the reality is that today’s automated scanning techniques, malware and botnets don’t care about the size of your company; they’re just too busy searching for vulnerabilities to exploit.

The 5.8 million small businesses in the UK make up 99.3 per cent of all private sector businesses. They contribute a staggering amount to the UK’s local and national economies, as well as being a major source of employment.

For all SMEs then there’s around a 1 in 2 chance that they will experience a cyber security breach.

If you want to improve your cyber security further, then you can also seek certification under the Cyber Essentials scheme, which has the benefit of demonstrating to your clients (or prospective clients) that you take the protection of their data seriously.

Cyber Essentials UK is a Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.

A 2019 survey by the UK’s federation of small businesses found that small businesses were collectively subject to almost 10,000 cyber-attacks a day, with one in five affected in the last two years. A study by the insurance firm, Hiscox, found that a cybersecurity breach could cost the average small business £25,700 in direct costs alone.

A recent study by IDG for Dell shows that businesses aren’t ignorant of these risks. When asked to name the biggest technology challenge they faced in the year ahead, 36% said security and compliance, while 28% said managing their IT in-house.

For many small businesses, simply managing and trouble-shooting their IT systems is hard work enough. Doing so while protecting against growing Internet threats only makes it harder. Yet there are things small businesses can do to improve their security and lock down their network without large investments or specialist skills.

Protecting Critical SME Resources

Hardware and software make up your frontline defences, starting with your wireless network. Make sure that any security features on any routers in the business are enabled, and that any default admin accounts and passwords have been switched for your own admin accounts.

Cyber security's core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access - both online and at work - from theft or damage. It's also about preventing unauthorised access to the vast amounts of personal information we store on these devices, and online.

Cyber security is important because smartphones, computers and the internet are now such a fundamental part of modern life, that it's difficult to imagine how we'd function without them. From online banking and shopping, to email and social media, it's more important than ever to stake steps that can prevent cyber criminals getting hold of our accounts, data, and devices. 

Businesses should also make data protection a priority. Encrypt data at rest on both internal and external hard drives, and look to secure any devices containing business data, including smartphones, with encryption, tracking, remote lock and remote wipe features. These features are baked into iOS and Android these days and supported by freely downloadable apps.

Cyber Training And Education

Most of all, security means education. Everyone within the company needs to understand the security basics, why they’re important and how to use encryption and secure authentication. They also need to know how to spot a phishing email or a bogus support alert.

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month. This is especially important when working at home and it is a cyber training program we recommend and has had excellent reviews by some large organisations. This training will significantly reduce your business cyber security risks. To register for a free trial Click HERE

Federation of Small Business:     NCSC:     NCSC:   Police UK:    Entrepreneur Handbook:   

Small Business:     Computer World:

You Might Also Read: 

Cyber Security Training For Employees:

 

 

« Remote Working Compromises Outbound Email
Is Slack Secure For Your Business? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Digital Defense Inc (DDI)

Digital Defense Inc (DDI)

DDI offers vulnerability scanning, penetration testing, web application testing, social engineering and additional security assessments.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

VKANSEE

VKANSEE

VKANSEE offer the world's thinnest optical fingerprint sensor for mobile device protection.

Gigacycle

Gigacycle

Gigacycle is one of the leading IT disposal and recycling providers in the UK. We specialise in IT asset disposal (ITAD) and data destruction.

Fortalice

Fortalice

Fortalice provide customizable consulting services built on proven methodology to strengthen your business cyber security defenses.

Vaadata

Vaadata

Vaadata are experts in ethical hacking. We secure your web, mobile and IoT platforms.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

Enzoic

Enzoic

Enzoic is an enterprise-focused cybersecurity company committed to preventing account takeover and fraud through compromised credential detection.

Componolit

Componolit

Componolit GmbH is a highly specialized company with a strong emphasis on trustworthy software, component-based systems and formal verification.

NI Cyber Security Centre

NI Cyber Security Centre

NI Cyber Security Centre works to make Northern Ireland cyber safe, secure and resilient for its citizens and businesses.

Redpoint Security

Redpoint Security

Redpoint Security is an application security consulting firm that is focused on all aspects of code security.

National Cybersecurity Agency (ACN) - Italy

National Cybersecurity Agency (ACN) - Italy

The ACN is the National Authority for Cybersecurity in Italy. the Agency promotes public-private initiatives to strengthen the national cybersecurity and resilience posture.

RealDefense

RealDefense

RealDefense develops and markets various privacy, security and optimization technologies and services for consumers and small businesses.

ERCOM

ERCOM

Ercom, a subsidiary of the Thales Group, is a French company known for its mobility security solutions.

Evervault

Evervault

Evervault provides engineers easy solutions to complex data security and compliance problems.

ViCyber

ViCyber

ViCyber is an Australian based company whose mission is to simplify and strengthen cybersecurity for all businesses, irrespective of size.