Improving SME Cyber Security

Uploaded on 2020-10-07 in NEWS-Cybersecurity News, FREE TO VIEW

Just because your business a small or medium sized enterprise (SME), that doesn’t mean it’s not a cyber attack target.  

In fact, SMEs have become a preferred target for cybercrime largely because many lack the time, budget and expertise to put comprehensive security defences in place. A recent British government survey estimated that the average cost of a small business’s cyber-attack can be between £65,000 and £115,000. 

 

SMEs are seen as much easier targets for cyber criminals than large multinational corporations, in part because many SMEs have a fairly basic understanding of their electronic security risks. While many think that cyber criminals focus their attention on big firms, the reality is that today’s automated scanning techniques, malware and botnets don’t care about the size of your company; they’re just too busy searching for vulnerabilities to exploit.

The 5.8 million small businesses in the UK make up 99.3 per cent of all private sector businesses. They contribute a staggering amount to the UK’s local and national economies, as well as being a major source of employment.

For all SMEs then there’s around a 1 in 2 chance that they will experience a cyber security breach.

If you want to improve your cyber security further, then you can also seek certification under the Cyber Essentials scheme, which has the benefit of demonstrating to your clients (or prospective clients) that you take the protection of their data seriously.

Cyber Essentials UK is a Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.

A 2019 survey by the UK’s federation of small businesses found that small businesses were collectively subject to almost 10,000 cyber-attacks a day, with one in five affected in the last two years. A study by the insurance firm, Hiscox, found that a cybersecurity breach could cost the average small business £25,700 in direct costs alone.

A recent study by IDG for Dell shows that businesses aren’t ignorant of these risks. When asked to name the biggest technology challenge they faced in the year ahead, 36% said security and compliance, while 28% said managing their IT in-house.

For many small businesses, simply managing and trouble-shooting their IT systems is hard work enough. Doing so while protecting against growing Internet threats only makes it harder. Yet there are things small businesses can do to improve their security and lock down their network without large investments or specialist skills.

Protecting Critical SME Resources

Hardware and software make up your frontline defences, starting with your wireless network. Make sure that any security features on any routers in the business are enabled, and that any default admin accounts and passwords have been switched for your own admin accounts.

Cyber security's core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access - both online and at work - from theft or damage. It's also about preventing unauthorised access to the vast amounts of personal information we store on these devices, and online.

Cyber security is important because smartphones, computers and the internet are now such a fundamental part of modern life, that it's difficult to imagine how we'd function without them. From online banking and shopping, to email and social media, it's more important than ever to stake steps that can prevent cyber criminals getting hold of our accounts, data, and devices. 

Businesses should also make data protection a priority. Encrypt data at rest on both internal and external hard drives, and look to secure any devices containing business data, including smartphones, with encryption, tracking, remote lock and remote wipe features. These features are baked into iOS and Android these days and supported by freely downloadable apps.

Cyber Training And Education

Most of all, security means education. Everyone within the company needs to understand the security basics, why they’re important and how to use encryption and secure authentication. They also need to know how to spot a phishing email or a bogus support alert.

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month. This is especially important when working at home and it is a cyber training program we recommend and has had excellent reviews by some large organisations. This training will significantly reduce your business cyber security risks. To register for a free trial Click HERE

Federation of Small Business:     NCSC:     NCSC:   Police UK:    Entrepreneur Handbook:   

Small Business:     Computer World:

You Might Also Read: 

Cyber Security Training For Employees:

 

 

« Remote Working Compromises Outbound Email
Is Slack Secure For Your Business? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Leviathan Security Group

Leviathan Security Group

Leviathan provides a broad set of information security services ranging from low-level technical engineering to strategic business consulting.

ISC2

ISC2

ISC2 is an international, non-profit membership association for information security leaders. Our information security certifications are recognized as the global standard for excellence.

e2e-assure

e2e-assure

e2e Protective Monitoring and Security Operations Centre (SOC) Service is a complete cyber defence service to protect your critical assets from cyber attacks and GDPR breaches.

The Security Awareness Company (SAC)

The Security Awareness Company (SAC)

The Security Awareness Company provides cyber security awareness training programs for companies of all sizes.

Puleng Technologies

Puleng Technologies

Puleng provides customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has - its Data and Users.

Charterhouse Müller UK

Charterhouse Müller UK

Charterhouse Müller UK are a leading service provider for end of life IT services including data erasure and secure IT asset disposal.

National Cybersecurity Competence Centre (NC3) - Czech Republic

National Cybersecurity Competence Centre (NC3) - Czech Republic

NC3 has been established in response to growing demands for practically applicable products and solutions for ensuring cybersecurity of critical and non-critical information infrastructures.

Prompt

Prompt

Prompt supports the creation of partnerships and the setting up of industrial-institutional applied R&D projects for all ICT sectors.

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

NanoVMs

NanoVMs

NanoVMs is the industry's only unikernel platform available today. NanoVMs runs your applications as secure, isolated virtual machines faster than bare metal installs.

Tactical Network Systems (TNS)

Tactical Network Systems (TNS)

Tactical Network Solutions helps you discover hidden attack vectors in IoT and connected devices before someone else does.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

Astrill VPN

Astrill VPN

Astrill VPN is a Seychelles based Virtual Private Network(VPN) Company.

NormCyber

NormCyber

NormCyber provide award-winning cyber security and data protection as a service for midsize organisations.

Fingerprints

Fingerprints

Fingerprints is the world-leading biometrics company. Our solutions are found in millions of devices providing safe and convenient identification and authentication with a human touch.

InfoSight

InfoSight

InfoSight offers proven Cyber Security, Regulatory Compliance, Risk Management and Infrastructure Solutions to protect your business and your customers from cyber crime and fraud.