This Cyber Awareness Month it is particularly important for us to drive awareness to businesses of all sizes and wherever they are located to take steps to improve their cyber security of and to put measures in place to prevent from becoming a victim. But this is a challenge as so many businesses, particularly the micro and sole traders, do not think they are at risk.
This was really brought home to me recently when I visited Wrexham and was preparing to give a presentation to businesses on protecting themselves from cybercrime. One lady enquired as to what the presentation was on, and when discovering it was about ‘cyber’ remarked: “I don’t do cyber”.
The lady in question accepted that she ran her business online, used an on-line accountancy package, used on-line marketing, but didn’t feel this was something for her! It frightens me that so many small businesses give such little priority to making their businesses more cyber resilient, especially when an attack can have devastating consequences for them.
That said, when we recently ran our own online survey asking people who they think the responsibility of good cyber security best practice lies within their company, resoundingly, 94% of those who took part said that it’s the responsibility of everyone. And, when according to government figures that the average cost of a cyberattack on a small business is £4200, making sure all employees are cyber aware is critical.
So, how can businesses make sure everyone in their company ‘does do cyber’, especially when everyday costs are increasing, coupled with soaring energy bills, and people purchasing fewer products?
Frustratingly, many business owners do not realise that they can put in simple, cost-effective measures that will reduce their business’s vulnerability to a cyber-attack. The most basic measure is the introduction of complex passwords and to then support this with multi-factor authentication. This is not something for the ‘techie’ but is an easy process that we should all put in place for our most important accounts whether they are business or personal.
For example, your bank account, your accountancy package, or your social media accounts especially if this is a platform you use to run your business on. There have been cases across Wales where small businesses have had their social media account compromised, the hackers have changed the password, and then blackmailed the business. If you have multi-factor authentication in place, then you can prevent this.
Having a back up is also essential. Some years back I had the hard drive that I used to store my digital photos fail, and I feared I lost years of photographs. Thankfully they were recoverable, but it really brought home to me the importance of backing up what is important to you. And we need to adopt this in the business environment. If you lose what is most vital to your business, how will it impact your ability to continue?
Have you got a Firewall and Anti-virus installed? Again, a simple measure to put in place. This needs to be supported by regularly downloading the updates to ensure you are no longer at risk of recently identified vulnerabilities being exploited.
Here at The Cyber Resilience Centre for Wales, we offer a range of services for businesses to help identify your digital vulnerabilities and weaknesses.
We also offer a range of membership options depending on what level of support businesses need. Free Core membership provides businesses with access to a range of resources and tools to help them identify risks and vulnerabilities, as well as providing guidance on the steps they can take to increase their levels of protection.