We’ve talked about the legal obligations of storing data but what about the safety of the data itself? How secure are your systems and how prepared are you for a cyber attack?
Businesses are only as good as the data they own and anything that could destroy that data or hold it to ransom, as happened with the WannaCry attack on the NHS and other organisation recently, can have devastating consequences.
And criminals have figured out that small and medium-sized enterprises, which make up 98 per cent of the firms in the UK, are prime targets in this regard. New figures suggest that cyber attacks on UK SMEs have doubled in the second quarter of the year, with one in three small business owners believing that an attack is a matter of ‘when, not if’. However, even though many see this as a foregone conclusion, they are still not doing enough to prevent it and often don’t have the resources or knowledge to defend themselves against an attack.
It’s very shortsighted not to be prepared, as attacks are costly in so many ways; last year cyber attacks and breaches cost UK businesses an average of £1,570 per attack. Not only that, but an attack can get in the way of productivity, harm the business’s reputation, cause it to lose its competitive edge or even close it down.
The trouble is, we’re all connected
With the preferred targets being connected Internet of Things (IoT) devices, most small businesses are woefully unprepared for attacks such as fraudulent emails, phishing or malware such as Ransomware. Moreover, most are not investing enough in technology that will adequately protect their business or are relying on staff to be vigilant, often when these same workers have had no training or formal processes to follow in the event of an attack.
However, with UK businesses being targeted more than 700 times each on a daily basis, it’s vital that business owners get up to speed and protect their files.
Things you can do to protect against cyber attacks
In the same way that there’s no point in a castle defending the gates when there’s a hole in the wall at the back, businesses need to keep their defences up-to-date and prioritise security over convenience. But there are fairly simple things that can be done to keep data safe:
- Use a good firewall between your computers and the Internet
- Regularly back-up files and store copies in a secure place, ideally away from the premises
- Use strong passwords and update software whenever necessary
- Make sure you have a staff policy in place
- Encrypt sensitive data, such as payroll details
- If you use Windows, update software against ransomware
After the deluge
If business owners and directors have put protection in place, hopefully they won’t fall prey to cyber criminals, but everyone should have a ‘plan B’ in place in case the worst actually happens. Sadly, however, most small businesses haven’t, if recent reports are anything to go by.
According to the latest research, almost 75 per cent of small firms haven’t put any money aside to deal with the aftermath of a cyber attack and a staggering 43 per cent said they would “just react” if or when an attack happened. This is madness, as apart from the disruption to day-to-day business an attack could cause, there are any number of other factors to consider, from irrecoverable loss of data, reputational damage and loss of customer and stakeholder trust.
Show your strength
Rather like having a burglar alarm on the wall when your neighbour doesn’t, the hope is that if a criminal thinks there might be easier targets, he’ll leave you alone. And there might be some truth in that. So, businesses should make it less attractive for intruders to try and scale the walls; one way of doing this is by obtaining a Cyber Essentials badge to advertise the fact that you’re following government-endorsed standards for cyber security.
One of the best ways you can protect your data is to have us look after it for you. We offer comprehensive IT services including cyber security, vulnerability and compliance assessments and managed firewall and wif-fi services.