Cyber News

SME Cyber Security

we love your small business - Cyber Security in Lancashire

The sheer amount of SMEs in England and Scotland are enough to make up over 99% of the company landscape and SMEs are what the cyber criminal go for.

Like a hunter looking for easy prey, they pick off the weak and vulnerable – don’t be the prey!

Simple steps can help an SMEs cyber security enough for the casual hacker to consider you too much hassle to bother with. Steps which are affordable and effective. There are papers available on most government platforms offering advise, the police special units have booklets and attend regular events to give SMEs the best platform to work from for cyber security and yet, so many SMEs overlook this vital aspect of their business. They wouldn’t overlook the book keeping or the telephone infrastructure – so we must start sending the message that good cyber security is as vital to a business as those.

Edward Whittingham is a former police officer says that it’s essential that small and medium-sized enterprises (SMEs) understand that cyber-crime is now a major part of organised crime.

Phishers

One of the biggest threats to SMEs are phishing emails, where hackers pose as trustworthy entities, such as suppliers or colleagues, and ask for sensitive information to be sent. Do not underestimated these attacks as between 90% and 95% of cyber-attacks begin with phishing.

They continue to evolve and are becoming ever more convincing, developing ways to look more like your bank, stopping silly spelling mistakes and creating more believable link URLs. If there’s one thing to get to grips with, it’s ensuring that employees understand all of the different threats that phishing emails pose and how to spot the warning signs.

Our Cyber Security Training can help bring your staff up to speed.

Costs and expenses

The cost of a cyber-attack can be huge, but protection for small businesses isn’t necessarily expensive. Anti-virus software is a must for all SMEs and some packages ensure that the software is always up to date. The market is competitive and business owners should read reviews and take recommendations before selecting the right tool or package.

Local authorities and chambers of commerce also offer support with a fantastic chamber right here in Lancashire.

Back-up your data

Firms that want to mitigate the danger of an attack can take action. The first step is to back up crucial data: Back-ups should be made regularly (ideally daily) to a storage device separate to the ones from which you work. Think what effect it would have on your business if everything was lost.

Two-factor authentication

Try and use of two-factor authentication, where software or email access requires not just a password but also a PIN number, usually sent by text.

Dropbox and other cloud services offer this, but passwords should be improved anyway. They are all too often a weak link which needs securing.

IT policy

SMEs need to create an IT policy to prevent cyber-attacks and data breaches. This should be a comprehensive but easy to read document that’s adhered to by all staff members. Again, Citadel can assist with this.

Unfortunately, it’s a case of when, not if, an attack will take placeChris Gough, Mintivo – IT Consultancy Expert

IT policies are all too often unread and unattractive, and advises a bite-sized version to interest staff: “You can get great engagement from using a ‘Top 10 need to know’ format and promoting this alongside the full document.” He recommends.

It should cover a wide variety of areas, including acceptable usage, communications, password policy, social media guidelines, network security, physical security, data protection, incident response and disaster recovery.

Preparation is key and cannot simply be left for the IT department, read more about DRP (disaster recovery) here.

Test your systems

The only way to ensure that your systems are strong is to test them – preferably before the hackers do! Citadel Cyber Security can also offer an insight into your weakest points in the form of a pentest – read more here.