CEO and Founder, UK Cyber Security Association
If you run a small business, cybersecurity may not be on your radar. Many small businesses believe that it is impossibly complex with endless pitfalls and that data breaches or cyberattacks only happen to larger companies. The truth is that both large and small organisations are at risk of cyberattack.
Alarmingly, statistics show that 60 percent of small businesses go out of business within six months of experiencing a cyberattack, so keeping your business secure is of utmost importance. While there may be significant challenges, starting with a few key steps can help protect your business and reduce the risk of a cyberattack.
Back up your data
Your business relies on critical data such as customer details, orders, quotes, and payment details. Imagine what it would be like if you had to operate your business without them. All businesses, no matter what their size, should make regular backups of their important data, and ensure that these backups are recent and can be restored quickly and easily. By doing this you ensure that your business can still function following the impact of flood, physical damage, fire, or theft.
Protect your small business from malware
Malicious software, also known as malware, is software or web content that is designed to harm your business — such as the WannaCry attack that predominantly hit the U.K.’s National Health Service in 2017. Viruses are one of the most well-known forms of malware, which are self-copying programs that infect legitimate software. To help prevent malware from damaging your organization, you should install and turn on your antivirus software, keep all your IT equipment up to date through patching, control how your staff use USB drives and memory cards, and switch on your firewall.
Keep your smartphones and other devices safe
Mobile technology is a critical part of today’s modern business, with more of our data being stored on tablets and smartphones. These devices are now as powerful as traditional computers, and because they are designed to be portable and often leave the safety of the office and home, they need even more protection than desktop equipment. To help secure your tablets and smartphones, you should switch on password protection, ensure that lost and stolen devices can be tracked, locked, and wiped, keep your device and apps up to date, and never connect your devices to unknown Wi-Fi hotspots.
Use strong passwords to protect your data
Your laptops, tablets, smartphones, and computers often contain a lot of your own business-critical data, personal data belonging to your customers, and details of the online accounts that you access on a day-to-day basis. It is essential that this data is available to you, but not available to unauthorized users. Passwords, if they are implemented correctly, are a free, easy, and effective way to prevent unauthorised users from accessing your devices. When implementing password policies, make sure you switch on password protection, use 2-factor authentication, avoid using predictable passwords, and ensure that all default passwords are changed.
Avoid phishing attacks
In a typical phishing attack, scammers send fake emails to thousands of people asking for sensitive information such as bank details or containing links to malicious websites. These emails are designed to trick you into sending money or to steal your details to sell to third parties. The cyber criminals behind them may also have political or ideological motives for accessing your organization’s information. There is a limit to what you can expect your users to do, but you can configure your accounts to reduce the impact of successful attacks, check for obvious signs of phishing, and check your digital footprint regularly.
Lisa Ventura is an award-winning Cyber Security consultant and is the CEO and Founder of the UK Cyber Security Association (UKCSA), a membership association that is dedicated to individuals and companies who actively work in cyber security in the UK. She has over 10 years’ experience in the cyber security industry and is passionate about raising awareness of being more cyber aware in business to help prevent cyber-attacks and cyber fraud. She is a thought leader, author and keynote speaker and has been published in various publications globally. Her first book “The Rise of the Cyber Women: Volume One” was published in August 2020 and her second book “The Varied Origins of the Cyber Men: Volume One” was published in November 2020, both to great acclaim. Lisa is part of the Advisory Group for the newly created West Midlands Cyber Resilience Centre, sits on the board of Think Digital Partners and is part of Cyber Security Valley UK. She is also a strong advocate for women in cyber security, the cyber skills gap and neurodiversity. In 2020 she was named CISO Magazine’s Infosec Superwoman of the Year.
More information about Lisa can be found on www.lisaventura.com. The UK Cyber Security Association website is www.cybersecurityassociation.co.uk.