With cyber crime on the rise globally, small business owners must be fully educated and aware of the increasingly tough fight against breaches of data, hacking and phishing scams. In 2017, the UK government revealed figures that showed that nearly half of all UK businesses were hit by a cyber breach or attack in the previous year.
With the number of attacks rising rapidly in the UK and with it being estimated that online fraud and cyber crime cost the UK over £11bn in 2016, cybersecurity is no longer just an issue for the IT department, but also for business leaders and managers.
According to a 2017 study of UK-based businesses, 68% of small business owners had no formal security plan, despite 85% owning at least a website. With such little planning or security, it’s no surprise that 5.4 million small businesses in the UK are collectively attacked more than seven million times a year. As well as costing the companies millions of pounds, it also costs the UK economy. According to The Federation of Small Business, the attacks on these small businesses cost the economy a huge £5.26 billion.
And whilst many small business owners think it will never happen to them, cyber crime accounted for almost 30% of all crimes recorded in the UK from July 2016 to July 2017. These figures issued by Office for National Statistics revealed a shocking fact about the extent of online crime in the United Kingdom. There were also 2.5 million incidents of bank and credit card fraud reported, with the number of these crimes that go unreported, the real figure is probably much higher.
Data is one of the main ways that hackers steal from companies, this can include stealing banking information, credit card details or employee information. This is highly confidential information, and if stolen, can be detrimental not just to your business but also to your employees. When storing data in physical devices or exchanging it across the internet, you need your data to be encrypted to prevent hackers from accessing it. This can be done by using encryption tools that are on most operating systems, which will encrypt every program and file on the system. However, these tools only encrypt data when users are logged out, meaning you can still be vulnerable when the system is running. Using an automatic log-off after 10 minutes of inactivity can help prevent this.
Malware is another way cybercriminals capture your business's data, it runs in the background and takes data such as banking log-ins and passwords. To avoid this type of breach, it’s important to install anti-malware and anti-virus protection which prevents hackers from accessing your business data by removing malicious activity, which can occur through spam emails, harmful websites or employee personal emails. You can also make sure your software is running up-to-date to block viruses in older equipment and software, restrict third-party access to equipment and prohibit removable data such as USB drives.
It’s not just the technical issues that small businesses need to look at, they also need to avoid overlooking the smaller, simpler things that can leave them vulnerable, such as wifi and passwords. A number of victims of hacking are vulnerable due to their poorly secured wifi networks, which allows hackers to easily access company information. One possible way of preventing this is to use strong passwords. The UK government suggests a password of three random words or a nonsense password made up of random letters, numbers, and symbols.
Additionally, security doesn’t end with software and tech, and the education of employees on the importance of cybersecurity is just as significant. Even the largest businesses can be undone by a rogue spam email being opened and downloaded. Educating employees on the importance of deleting spam emails, not clicking on untrustworthy links and being vigilant for changes in their equipment will increase your overall protection. Having employees sign a formal company policy is a good start.