Is Your Company Open To Cyber-Attack?
Written by Steve Ross, 7 January 2016
Cyber-security isn't just a concern for large enterprise. With thousands of small businesses at risk, should your organisation be worried about online threats?
In 2015, cyber-attacks claimed a number of high-profile scalps, including TalkTalk and Lloyds Bank. The media attention given to incidents like this generates a justified sense of outrage but larger organisations, more often than not, have the resources to recover - when a small business falls victim to a cyber-attack, the story can be very different...
A recent PWC survey found that the cost of a single cyber-attack on a small business could reach up to £310,800, but the damage isn't just financial: security breaches are also devastating to client confidence. Despite the danger, a worrying 79% of SMEs have admitted they don't have a response plan in place in the event of an attack.
Wishful-"It won't happen to me"-thinking is preventing small business owners from addressing vulnerabilities in their own organisations - but cyber-security is not some sort of unaffordable luxury. Understanding the areas in which your company is at risk is the best path to protection.
Encrypt Networks: Hackers penetrating your network may have instant access to unencrypted data. At a basic level, encryption prevents that: Encrypted files require a password and are essential to storing sensitive customer information. Encryption software is built into both Windows 10 (BitLocker) and iOS (FileVault) although there are plenty of affordable and commercially available alternatives.
Back-up Data: Establishing a back-up strategy which suits your business is a way to deal with the potential data-damaging effects of a cyber-attack. Data loss is a significant threat to small businesses: 50% that suffer a loss go out of business within 2 years. Your back-up strategy can incorporate off-site cloud storage, or on-site storage - or even a hybrid mix, which combines the strengths and advantages of the two platforms.
Update Software: The software your business uses every day is finely tuned to the security requirements of the IT landscape. When developers release updates for their software, they're addressing weaknesses and vulnerabilities to emerging virus and malware threats - by not updating, you're exposing your network to danger. If you're concerned about the effects of an update on day-to-day business processes, it may be possible to implement it in stages, to avoid disruption or downtime to your system.
Protect Devices: No matter the size of your business, a robust firewall represents an essential first line of defence from threats - but it's important to find the right one for your needs. This protection should extend across the network: ensure router firmware is updated and personal networked devices (tablets and mobiles) gain access through a secure virtual private network (VPN).
Human-error is the leading cause of data loss in the UK, and hackers are fully prepared to exploit this vulnerability. If your employees aren't prepared to handle cyber-threats... your company isn't prepared.
There are plenty of ways to help your employees bolster your cyber-security weak points:
- Educate employees on the basics of cyber-security practice: using secure passwords and keeping login information secret.
- Release up-to-date information on the latest malware and virus threats.
- Protect personal BYO devices from hacking, malware and, importantly, theft
- Restrict access for some employees to sensitive areas of the network
- Ensure departing employees understand security protocols
Eliminate Weakness, Build Strength
Cyber-security is an on-going process and it's crucial that everyone in your business is on the same page. Solutions to the challenges outlined above must be deployed as part of a holistic policy that grows in strength by eliminating weak links.
If this seems daunting, consider this: SMEs are actually at an advantage when implementing an effective cyber-security strategy. While many businesses fear a disruption to their services from security measures, smaller organisations are agile enough to incorporate change smoothly - and pass the benefits and peace of mind on to customers.
If you're concerned about your IT Security, get in touch with Shackleton below.
Understanding The Different Types Of Cyber-Attack
To protect your small business from cyber-attacks, understanding the types of threat you face should be an important part of your strategy.
Understanding Business Continuity: Shackleton's Thoughts
Over the past few months, we've put a focus on business continuity - with the year almost at an end, we look back on our discussions...