Improving SME Cyber Security

Just because your business a small or medium sized enterprise (SME), that doesn’t mean it’s not a cyber attack target.  

In fact, SMEs have become a preferred target for cybercrime largely because many lack the time, budget and expertise to put comprehensive security defences in place. A recent British government survey estimated that the average cost of a small business’s cyber-attack can be between £65,000 and £115,000. 

 

SMEs are seen as much easier targets for cyber criminals than large multinational corporations, in part because many SMEs have a fairly basic understanding of their electronic security risks. While many think that cyber criminals focus their attention on big firms, the reality is that today’s automated scanning techniques, malware and botnets don’t care about the size of your company; they’re just too busy searching for vulnerabilities to exploit.

The 5.8 million small businesses in the UK make up 99.3 per cent of all private sector businesses. They contribute a staggering amount to the UK’s local and national economies, as well as being a major source of employment.

For all SMEs then there’s around a 1 in 2 chance that they will experience a cyber security breach.

If you want to improve your cyber security further, then you can also seek certification under the Cyber Essentials scheme, which has the benefit of demonstrating to your clients (or prospective clients) that you take the protection of their data seriously.

Cyber Essentials UK is a Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.

A 2019 survey by the UK’s federation of small businesses found that small businesses were collectively subject to almost 10,000 cyber-attacks a day, with one in five affected in the last two years. A study by the insurance firm, Hiscox, found that a cybersecurity breach could cost the average small business £25,700 in direct costs alone.

A recent study by IDG for Dell shows that businesses aren’t ignorant of these risks. When asked to name the biggest technology challenge they faced in the year ahead, 36% said security and compliance, while 28% said managing their IT in-house.

For many small businesses, simply managing and trouble-shooting their IT systems is hard work enough. Doing so while protecting against growing Internet threats only makes it harder. Yet there are things small businesses can do to improve their security and lock down their network without large investments or specialist skills.

Protecting Critical SME Resources

Hardware and software make up your frontline defences, starting with your wireless network. Make sure that any security features on any routers in the business are enabled, and that any default admin accounts and passwords have been switched for your own admin accounts.

Cyber security's core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access - both online and at work - from theft or damage. It's also about preventing unauthorised access to the vast amounts of personal information we store on these devices, and online.

Cyber security is important because smartphones, computers and the internet are now such a fundamental part of modern life, that it's difficult to imagine how we'd function without them. From online banking and shopping, to email and social media, it's more important than ever to stake steps that can prevent cyber criminals getting hold of our accounts, data, and devices. 

Businesses should also make data protection a priority. Encrypt data at rest on both internal and external hard drives, and look to secure any devices containing business data, including smartphones, with encryption, tracking, remote lock and remote wipe features. These features are baked into iOS and Android these days and supported by freely downloadable apps.

Cyber Training And Education

Most of all, security means education. Everyone within the company needs to understand the security basics, why they’re important and how to use encryption and secure authentication. They also need to know how to spot a phishing email or a bogus support alert.

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month. This is especially important when working at home and it is a cyber training program we recommend and has had excellent reviews by some large organisations. This training will significantly reduce your business cyber security risks. To register for a free trial Click HERE

Federation of Small Business:     NCSC:     NCSC:   Police UK:    Entrepreneur Handbook:   

Small Business:     Computer World:

You Might Also Read: 

Cyber Security Training For Employees:

 

 

« Remote Working Compromises Outbound Email
Is Slack Secure For Your Business? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Malomatia

Malomatia

Malomatia is a leading provider of technology services and solutions in Qatar including information security.

Arete

Arete

Arete is a global cyber risk company whose mission is to transform the way organizations prepare for, respond to, and prevent cybercrime.

PBOSecure

PBOSecure

PBOSecure is a dynamic and progressive IT consultancy company specializing in IT and Industrial Control System (ICS) security.

Crayonic

Crayonic

Crayonic digital identity technologies protect and guarantee the identity of people and things.

Cyber Security Academy (CSA)

Cyber Security Academy (CSA)

The CSA aims to educate professionals who wish to contribute to strengthening the digital defensibility of states, organisations and individual citizens.

Solidified

Solidified

Solidified is the largest audit platform for smart contracts. Our community has the highest concentration of top Blockchain security specialists and best-in-class code auditors.

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71) is Singapore's first cybersecurity entrepreneur hub.

Clone Systems

Clone Systems

Clone Systems is an award winning global cloud based managed security as a service provider.

Protek International

Protek International

Protek International delivers world-class Digital Forensics, eDiscovery, Cyber Security, and related Advisory services.

Imageware

Imageware

Imageware is a leader in biometric cybersecurity. Protect against costly, damaging ransomware hacks by employing biometric cybersecurity solutions.

Appurity

Appurity

Appurity specialises in mobile and application security, delivering comprehensive solutions across all verticals.

Dope Security

Dope Security

Dope Security is a fly-direct Secure Web Gateway that eliminates the data center stopover architecture required by legacy providers, instead performing security directly on the endpoint.

SYN Ventures

SYN Ventures

SYN Ventures invests in disruptive, transformational solutions that reduce technology risk.

CryptoNext Security

CryptoNext Security

CryptoNext provides optimal end-to-end post-quantum cybersecurity remediation tools and solutions for IT/OT infrastructures & applications.

OSP Cyber Academy

OSP Cyber Academy

OSP Cyber Academy are a managed service provider of cyber, information security and data protection training.

Denodo

Denodo

Denodo transforms the way organizations operate by unifying their data assets in real time and making data ubiquitous and secure to all users and business applications.

WeVerify

WeVerify

WeVerify is a platform for collaborative, decentralised content verification, tracking, and debunking.

tmc3

tmc3

tmc3 is an award-winning, people-centric consultancy that is transforming cyber security from an overhead into an organisational enabler.