Improving SME Cyber Security

Uploaded on 2020-10-07 in NEWS-Cybersecurity News, FREE TO VIEW

Just because your business a small or medium sized enterprise (SME), that doesn’t mean it’s not a cyber attack target.  

In fact, SMEs have become a preferred target for cybercrime largely because many lack the time, budget and expertise to put comprehensive security defences in place. A recent British government survey estimated that the average cost of a small business’s cyber-attack can be between £65,000 and £115,000. 

 

SMEs are seen as much easier targets for cyber criminals than large multinational corporations, in part because many SMEs have a fairly basic understanding of their electronic security risks. While many think that cyber criminals focus their attention on big firms, the reality is that today’s automated scanning techniques, malware and botnets don’t care about the size of your company; they’re just too busy searching for vulnerabilities to exploit.

The 5.8 million small businesses in the UK make up 99.3 per cent of all private sector businesses. They contribute a staggering amount to the UK’s local and national economies, as well as being a major source of employment.

For all SMEs then there’s around a 1 in 2 chance that they will experience a cyber security breach.

If you want to improve your cyber security further, then you can also seek certification under the Cyber Essentials scheme, which has the benefit of demonstrating to your clients (or prospective clients) that you take the protection of their data seriously.

Cyber Essentials UK is a Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.

A 2019 survey by the UK’s federation of small businesses found that small businesses were collectively subject to almost 10,000 cyber-attacks a day, with one in five affected in the last two years. A study by the insurance firm, Hiscox, found that a cybersecurity breach could cost the average small business £25,700 in direct costs alone.

A recent study by IDG for Dell shows that businesses aren’t ignorant of these risks. When asked to name the biggest technology challenge they faced in the year ahead, 36% said security and compliance, while 28% said managing their IT in-house.

For many small businesses, simply managing and trouble-shooting their IT systems is hard work enough. Doing so while protecting against growing Internet threats only makes it harder. Yet there are things small businesses can do to improve their security and lock down their network without large investments or specialist skills.

Protecting Critical SME Resources

Hardware and software make up your frontline defences, starting with your wireless network. Make sure that any security features on any routers in the business are enabled, and that any default admin accounts and passwords have been switched for your own admin accounts.

Cyber security's core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access - both online and at work - from theft or damage. It's also about preventing unauthorised access to the vast amounts of personal information we store on these devices, and online.

Cyber security is important because smartphones, computers and the internet are now such a fundamental part of modern life, that it's difficult to imagine how we'd function without them. From online banking and shopping, to email and social media, it's more important than ever to stake steps that can prevent cyber criminals getting hold of our accounts, data, and devices. 

Businesses should also make data protection a priority. Encrypt data at rest on both internal and external hard drives, and look to secure any devices containing business data, including smartphones, with encryption, tracking, remote lock and remote wipe features. These features are baked into iOS and Android these days and supported by freely downloadable apps.

Cyber Training And Education

Most of all, security means education. Everyone within the company needs to understand the security basics, why they’re important and how to use encryption and secure authentication. They also need to know how to spot a phishing email or a bogus support alert.

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month. This is especially important when working at home and it is a cyber training program we recommend and has had excellent reviews by some large organisations. This training will significantly reduce your business cyber security risks. To register for a free trial Click HERE

Federation of Small Business:     NCSC:     NCSC:   Police UK:    Entrepreneur Handbook:   

Small Business:     Computer World:

You Might Also Read: 

Cyber Security Training For Employees:

 

 

« Remote Working Compromises Outbound Email
Is Slack Secure For Your Business? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Kaseya

Kaseya

Kaseya is a premier provider of unified IT management and security software for managed service providers (MSPs) and small to medium-sized businesses (SMBS).

CERT.GOV.AZ

CERT.GOV.AZ

Azerbaijan Government Computer Incident Response Team

Australian Information Security Association (AISA)

Australian Information Security Association (AISA)

AISA champions the development of a robust information security sector by building professional capacity and advancing the cyber security of the public, business and governments in Australia.

CipherPoint Software

CipherPoint Software

CipherPoint Software provides data-centric auditing and protection solutions for securing unstructured information

CyberPilot

CyberPilot

CyberPilot ApS is a Danish cybersecurity company. We work with all types of companies and organisations, both large and small, who want to achieve effective cybersecurity.

Redbelt Security

Redbelt Security

Redbelt is a cyber security consultancy. We integrate people, systems, services and products to transform how your information security is delivered.

Adzuna

Adzuna

Adzuna is a search engine for job ads used by over 10 million visitors per month that aims to list every job everywhere, including thousands of vacancies in Cybersecurity.

Cyber Dacians

Cyber Dacians

Cyber Dacians offers Information and Cyber Security Consulting Services. We help you to test the effectiveness of your security defenses and build a secure infrastructure.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

Trace3

Trace3

Trace3 is a pioneer in business transformation solutions, empowering organizations to keep pace with the rapid changes in IT innovations and maximize organizational health.

PagerDuty

PagerDuty

PagerDuty is the central nervous system for a company’s digital operations. We identify issues in real-time and bring together the right people to respond to problems faster.

Infosys

Infosys

Infosys is a global leader in consulting, technology and outsourcing solutions.. Services include IT strategy, technical architecture and operations including cybersecurity.

Lodestone

Lodestone

Lodestone partners with clients to help them mitigate business and reputational risk, through our human-based, approach to cyber security, digital forensics and incident response.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

National Renewable Energy Laboratory (NREL) - USA

National Renewable Energy Laboratory (NREL) - USA

NREL is transforming energy through research, development, commercialization, and deployment of renewable energy and energy efficiency technologies.

InQuest

InQuest

InQuest specialize in providing comprehensive network-based security solutions that empower organizations to protect their most critical assets: their people.