From day-to-day business functions like accounting and filing taxes to creating new sales channels online, the internet offers smaller businesses endless opportunities to do things smarter and faster.
However the latest innovations such as mobile and cloud technology are not without their risks and small firms are increasingly finding themselves open to cyber threats.
In fact recent government research found that 60 per cent of small businesses reported a security breach in the last 12 months, costing between £65,000 and £115,000.
Worryingly, despite this increase, according to software security experts Kaspersky 82 per cent of smaller firms in the UK still are under the impression that they are not a target for attack because they’re too small or don’t have anything worth stealing. This couldn’t be further from the truth and firms should definitely look to ensure they protect themselves.
What are the risks?
Cyber risks occur at every point where your business uses technology, and not simply computers! Smart phones, tablets, storage devices, email, social media and even phone systems are also susceptible.
Some firms in particular are at considerable risk; for example professional services organisations such as accountants and solicitors who hold significant amounts of sensitive information that is highly attractive to malicious individuals. Companies that operate ecommerce websites, or have a large online marketing presence, may also be attractive targets.
To make things even more complicated, as technologies develop all the time, so do the hidden risks associated with them.
The human factor
As well as the obvious external threats from shadowy cyber criminals, one of the biggest risks for businesses is their own employees.
At least 77 per cent of 1,500 data breaches investigated by insurer Beazley in the first eight months of 2014 had a human element.
Employees can cause both accidental and malicious damage to a business. This can be anything from deleting important files, using a weak password, posting inappropriate material on social media, accidentally sending emails to the wrong recipients or attaching the wrong files, or even leaving their laptop unattended on a train.
Even the smallest slip in best practice can have devastating consequences on revenue and reputation.
So what can you do to protect your business?
Small business owners should start thinking about cyber threats in the same way we automatically think about other security.
We know we have to set the alarm every day, test the smoke alarm, and lock the front door on the way out. We do them without thinking, but we’re still playing catch-up on the cyber equivalents. Small business owners need to consider where they put the locks and alarms in place for their ‘virtual’ properties.
While fixes to external problems, like installing anti-virus software and strengthening passwords, may seem an obvious they are often overlooked. The key is to establish a culture of best practice when it comes to online security starting with educating yourself and your staff in cyber risks.
In particular, it is important to make everyone aware of potential exposures that may reduce the likelihood of common, opportunistic ‘drive by’ incidents, like fraudulent telephone calls from those pretending to be from a bank which are on the rise.
Putting in place acceptable usage policies for IT and social media will also make it clear to employees what is expected of them. By being proactive about cyber security with staff, you will begin to build in security considerations to everyday operations, in turn delivering a more resilient business.
If in doubt get advice
Remember that help is on hand from a variety of sources. The Forum for example provides support to protect you from the growing danger of cyber crime by offering affordable solutions to help you manage the risks in your business. For further information visit www.fpb.org or call 0845 130 1722.