We understand the difficulties business owners face when considering cyber security and deciding where or how to begin.
Here are some answers to Cyber Security FAQs that might help you understand what is it, why it's imporant, and if you could be at risk!
WHAT IS MEANT BY CYBER SECURITY?
There are many aspects of cyber security, which in a collective effort, aims to protect the confidentiality, integrity and availability of data, connectivity and computer systems against cyber attacks or unauthorised access. Cyber security encompasses technical controls, policies and the education of people to best protect against cyber crime.
HOW LIKELY IS A CYBER ATTACK?
In the recent ‘Cyber Ready Report 2020’ published by Hiscox, it is stated that some of the largest losses due to cyber attacks were seen within the UK market. 23% of businesses with 1-9 employees fell victim to cyber attack in the last year alone, costing on average £4,359.00, while almost a third of organisations with 10-49 employees also suffered attacks, costing on average £9,225.00. Similarly, 29% of organisations with 50-249 employees came under attack and experienced average financial loss of £58,750.00
HOW DOES CYBER CRIME AFFECT BUSINESSES?
If your organisation falls victim to a cyber attack, the effects both financially and emotionally, can be long lasting. The economic loss arising from theft of data, financial information, trade disruption and loss of business can be substantial, and cause a huge amount of distress to both business owners and their employees.
Cyber attacks can also damage your business’ reputation and destroy trust you may have earned from clients, partners and suppliers, which in turn can lead to loss of customers, sales and profit.
Is it also important to note the legal consequences of a cyber attack or data breach. GDPR laws are heavily regulated within the UK, and as a business owner you are required to manage the security of data effectively. If any personal data within your organisation is compromised, and you do not have security measures in place, you could face hefty fines.
on average £4,359.00, while almost a third of organisations with 10-49 employees also suffered attacks, costing on average £9,225.00. Similarly, 29% of organisations with 50-249 employees came under attack and experienced average financial loss of £58,750.00
WHY DO SMALL BUSINESSES NEED CYBER SECURITY?
Small business are often targeted by cyber criminals due to the lack of budget or investment in proper cyber security measures. Considering that almost a third of the UK SME sector suffered a cyber attack last year, and the growing pressures from consumers to protect their data, it is becoming vital that small businesses take security seriously
HOW CAN COMPANIES PREVENT CYBER ATTACKS?
There are a number of ways in which to begin protecting your data, systems and networks from cyber threats, including If you have no technical knowledge and not sure where to start, The NCSC has a wide range of freely available guidance documents and interactive sessions that help business owners understand their cyber security needs and start thinking about their security plans.
The UK government has also introduced the Cyber Essentials Scheme which aims to address 5 main technical controls business should implement in order to protect themselves from the growing threat of cyber crime. These include Access Control, Secure Configuration, Firewalls and Internet Gateways, Patch Management and Malware Protection. There is also a more rigorous assessment, Cyber Essentials PLUS, which will test the security of your organisation against basic hacking and phishing attacks.
It is also important for employees to play their part in protecting important company information and client data. Since Covid19 and lockdown, there has been a significant rise phishing attacks – where if successful, an attack can trick an employee into inadvertently downloading malicious content that can infect systems with malware. This in turn can give an attacker unauthorised access and ability to ‘move around’ within an organisation in the search of valuable data or to disrupt day to day activities. Employee training helps educate your staff on typical phishing techniques and what to look out for should a malicious email make its way into your organisation.