How to layer your way to cyber security safety

Cyber crime is once again in the news

In the last Couple of months alone BBC news has reported these headlines:cyber security “Thousands of TalkTalk and Post Office broadband customers affected by a malware attack”, “The operator of the National Lottery says it believes that about 26,500 accounts have been breached” and “’Frighteningly easy’ for criminals to get Visa card details, study claims.” With headlines like these, it’s clear that even the biggest and most successful companies can fall victim to an online attack.

SMEs under attack

What doesn’t tend to make the national news, however, is the number of SMEs who fall prey to cyber attacks throughout the year. Businesses that struggle to recover after their bank accounts are hacked, who have to repair damage to their PCs, who have lost or had their valuable data corrupted, whose identities have been stolen and whose businesses and reputations have been damaged to the tune of thousands of pounds.

SMEs and Cyber resilience

The FSB’s report, “Cyber Resilience: How to Protect Small Firms in the Digital Economy” makes for interesting reading on the subject.

Did you know?

• 66% of small businesses have been a victim of cyber crime
• Cyber crime costs each small business victim nearly £3,000
• On average a small business is a victim of 4 cyber crimes every 2 years
• Types of cyber crime small business are a victim of:
• 49% Phishing
• 37% Spear phishing
• 29% Malware attacks
• 10% Card not present fraud

Reassuringly the FSB’s report also found that 93% of smaller firms have cyber crime security measures in place – but what are those measures and when it comes to cyber security, what’s the best practice?

Best practice cyber security

Here at Stonehouse Logic we recommend that to keep your business safe from online attack, you take a multi-layered approach to cyber protection, rather than adopting a one-size-fits-all solution.

That means looking at security software options, data and systems back ups, creating a strong password policy and, where appropriate, developing a crisis plan.

Let’s start from the inside out.

Protect your people

The heart of every business is its people, so it makes sense to start by helping your employees to know what to be aware of and what to look out for. As cyber criminals try increasingly clever ways to make their emails look ‘normal,’ and contact businesses for seemingly innocent snippets of information, so it’s harder to stay alert to possible hacks.

According to the Cyber Streetwise campaign, a cross-government initiative run by the Home Office and reported in The Guardian, one of the major cyber threats to SMEs is a very simple one.

“Human error – people are generally the weakest link in any security chain, and a vast number of data breaches are the result of information being lost, or distributed to the wrong person. Even the seemingly mundane can have far reaching consequences, particularly where sensitive personally identifiable information is involved.”

Investing in staff training to raise awareness and keeping cyber security as a top-of-mind concern can have a positive, protective effect throughout your business.
If you’d like to know more, get in touch with us for a one-to-one cyber security assessment, Contact us for more details.

Protect your hardware

Next, think about where your company comes into the contact with the outside world. Once your people know how to keep your company data safe, it’s time to look at any technical vulnerability that may exist.

Using strong passwords on routers and installing firewalls can all help to keep your company safe from attack. The government’s guide to passwords is a useful resource, particularly for businesses that have multiple passwords. Each of these elements acts as a layer to build up a shell of protection, like layering clothes against bad weather. Even if one layer is damaged, enough protection remains in place to keep you safe and dry.

Protect your data

It would be wonderful if there were a simple piece of software that you could install to protect your business from cyber attacks. Sadly, the answer to protecting your business against electronic and online threats isn’t straightforward.

Investing in anti-virus and malware software is a key part of staying safe but it’s an ongoing process and your software must be kept up-to-date to keep your data secure.

Making regular back ups to a separate site or to the cloud also ensures that, should the worst happen, your data and systems can be up and running again as quickly as possible.

For more helpful hints and tips, download the free guide to cyber security on our blog here.

Cyber security for your continued growth

Establishing a cyber security practice in your business isn’t just good sense. For many companies, it’s now a recognised level of accreditation that’s required to tender for larger projects and is a box to tick, like the ISO.

Adopting a multi-layered approach, which combines programmes and software together with an awareness within your organisation of the practices that need to be followed to prevent problems from occurring, will provide you with the best protection.

The sad fact is that it’s impossible to ever fully eliminate the risk of a cyber attack but, by adding different layers of protection throughout your business, you can significantly reduce your vulnerability to crime.

To find out more about how to keep your business cyber secure, contact Mark Edwards