A whopping 98% of UK businesses now operate online in one way or another, with even the smallest of firms benefiting hugely from the use of websites, social media, staff email addresses, online banking and the ability for customers to shop online.
However, the latest Government statistics show over four in ten (43%) of all businesses and charities experienced a cyber breach or attack in the past year. This included computer viruses, hacking, theft of data and theft of financial information. Breaches were identified most often in businesses holding personal data and those where staff use personal devices for work.
Whilst some household name companies have been in the news in recent months due to high profile data breaches, this isn’t just a problem for large companies: nearly half (47%) of small businesses suffered a cyber breach or attack during the last 12 months. This could be something as minor as your work laptop or mobile phone not working properly for a few days and upsetting your normal day-to-day operations. But, at worst, a breach or attack could affect your cashflow, prevent you selling via your website or damage your reputation with customers.
So what can you do to protect yourself? The good news is the vast majority of cyber attacks can be prevented using quick and simple measures. Hackers rely on you failing to do the simple stuff, but getting these basics right will significantly enhance the security of your business.
Using strong passwords on your important accounts is crucial. Hackers and criminals use password-guessing tools which can crack weak passwords in seconds, so it’s essential you use strong passwords which can’t be guessed and which you haven’t used elsewhere. This is especially important for your most valuable accounts, such as your email.
You can make a strong, memorable password by choosing 3 random words – such as 'duckmountainlaugh'. Using capitals, numbers and special characters will make it stronger – 'dUckm0unt@inlaugh' (but don’t use this one!).
Another favourite way for hackers to exploit small companies is by targeting out of date software.
Software and app updates contain vital security updates to help protect your devices from cyber criminals. So it’s vital you always install the latest software and app updates when they appear. You can set your device to do this at night while you’re asleep so that it doesn’t interfere with your working day.
For those that want to do a bit more, the National Cyber Security Centre’s Small Business Guide contains 5 quick and easy tips firms can follow to boost their online security. Such as, how to securely back-up your important data (something nearly a third of businesses admit they don’t do) and how to prevent your colleagues falling victim to scam emails.
The guide also contains a great selection of short videos explaining how these quick and easy steps could save you time, money and even your business’ reputation.
Getting these basic measures in place will also help you meet the requirements of the General Data Protection Regulation (GDPR) which came into law in May this year. These new rules require companies which hold personal data (like customer names, addresses, email addresses, phone numbers and payment card details) to have “appropriate” security measures in place to protect that data. Taking this action will help protect your company’s important information and could help prevent a fine from the regulator, should you be unfortunate enough to suffer a data breach.
For larger businesses, there is also a new piece of guidance to help company boards ask the right questions on cyber security.
So this October, show your business some love by taking 5 minutes to boost your cyber security – and be #CyberAware !
Our top tips
- Use a strong and separate password for your email account.
- Always download software and app updates when they appear.
- Use the Small Business Guide to protect your firm against common cyber attacks.