IT systems go down, we’ve all experienced it, but what would happen to your business if a cyber attack meant systems were down for a day or two?
What would happen to your business if you lost your or your clients’ sensitive personal or business critical data?
Loss of monies, inability for employees to work, costly IT fixes, potential GDPR fines and a reputational threat are just some of the affects a cyber attack can have on your business. Any business.
There are very few businesses that don’t rely on technology to ensure they are connected at all times – client communications, financial transactions, online marketing and sales, business processes – all rely on some element of technology. If any of these lines of communication are threatened or disabled it can have a disastrous effect on the business.
There is a one in two chance your business will suffer a security breach so being prepared and becoming cyber secure should not be seen as a daunting challenge to consider but a necessity that you need to address.
What does a cyber attack look like?
Cyber criminals are driven by financial gain and it is a common mistake to think they are just targeting the larger multi-national organisations. More often than not they are looking for quick and easy wins and an easy target can be a small / medium sized business that is unprotected.
For most SMEs risks are often high-volume untargeted attacks which can be launched on mass with little technical know-how, and the effect can be highly detrimental to any business.
Simple tactics that people can easily fall fowl of include:
- Phising emails with links to click and documents to open that will plant a virus, give them access to your systems allowing them to steal your data or passwords.
- Ransomware attacks including links that, once innocently clicked on, will allow the encryption of your data and they will then seek a payment to unlock the data.
- Emails that look to come from senior business staff giving authority to transfer and release funds, transferring monies to fake bank accounts.
Where to start and how to make your business cyber secure
As part of your annual audit process you should build into this an annual cyber audit. Getting your finances in order to support business growth is just as important as getting your security in order to ensure you have a platform for business growth.
Simple questions to consider:
- Do you regularly back up your data? If you have an up to date back up you won’t need to pay to get it unlocked if a phising email did get through.
- Do your staff use devices out of the office – laptops, phones, ipads etc.. Have you got the right securities in place should one go missing or be accidentally lost?
- Do you have anti virus software in place and if so are you allowing automatic updates?
- Are your staff aware of the potential threats? They are your first line of protection and if they don’t know what to look out for they can’t help. Phising attacks can be incredibly sophisticated so your team need examples so they can flag anything that feels suspicious.
- Have you considered getting certified? You can get certification under the Cyber Essentials scheme to ensure you are protected correctly against common threats but also demonstrate to your team and customers that you take cyber security seriously.
If you haven’t yet started your cyber security journey our recommendation is that you get started with the following three activities:
- A penetration test
- A dark web search
- A cyber audit