With the FSB reporting that 20% of small firms have been targeted by a cyber-attack and that close to 10,000 cyber-attacks are committed daily, it’s no surprise that cyber security is a big concern for small businesses. Not only can a cyber-attack cause significant disruption, inconvenience and expense, it can also dent customer confidence and result in them, rightly or wrongly, choosing to take their business to a competitor who they have a higher perceived level of trust in.
The good news is that building resilience to cyber-attacks doesn’t have to be costly or complicated and although there are no guarantees that a breach may not occur there are a few simple steps that all businesses can take to boost their security. The Governments Cyber Security Centre’s Cyber Essentials programme provides a useful framework for businesses to work towards. Cyber Essentials suggests that businesses have 5 technical controls in place:
- Use a firewall to secure your Internet connection which creates a ‘buffer zone’ between you and your IT network.
- Choose the most secure settings for your devices and software. Many devices come with settings that make then easy to connect to and that make them vulnerable to attacks. Checking and raising the level of security of device settings, using passwords, and adding in extra security (such as two-factor authentication) can help to build resilience.
- Control who has access to your data and services. Controlling access can minimise the potential damage that could be done should someone gain access to an account. Guidance includes how to provide enough access to software, settings and functions for people to perform their roles which helps to minimise avenues for attack.
- Protect yourself from viruses and other malware. Simple steps such as using the virus and malware software to protect devices, whitelisting to protect against the instillation of harmful applications and sandboxing to keep files and applications beyond the reach of malware can provide additional security.
- Keep your devices and software up to date. Manufacturers regularly update device software that adds protection against known and anticipated threats. This simple step can have a significant impact on your level of security.
The above list provides a summary only and should not be used as a guide. You can find out more information about the Cyber Essentials Framework and access a useful checklist by visiting cyberessentials.ncsc.gov.uk
Digital Tech Cumbria is a free support programme targeted at SMEs across Cumbria to help them better understand and use technology to grow. Find out more by emailing firstname.lastname@example.org or complete our Expression of Interest form.