Q&A: How to protect your business from online threats
Tony Neate, CEO of Get Safe Online, shares his insight and explains how UK businesses can protect themselves against online threats and cyber crime
According to government figures released in April 2017, 47% of all UK businesses had suffered a cyber breach or attack in the preceding 12 months.
The Federation of Small Businesses estimates that seven million cyber crimes are committed against small firms in the UK every year, which equals 19,000 a day. And, on average, a cyber crime incident costs £3,000, with two days’ recovery time needed.
Former police detective and cyber crime expert, Tony Neate, CEO of Get Safe Online (“a public-private sector partnership supported by government and leading organisations in banking, retail, internet security and other sectors”), explains how your business may be able to mitigate the risk it faces from online criminals.
Is cyber crime a growing problem?
Tony Neate (TN): “The number of cyber attacks continues to grow each year, so it isn’t something businesses can afford to be complacent about. Running a small business is demanding and there are many things to take care of. Cyber security can seem a little daunting if you lack knowledge. However, protecting your business and mitigating risk of cyber crime should be a key priority.”
How are small businesses likely to be targeted by online criminals?
TN: “Sometimes via phishing, usually emails sent by criminals that look like they come from genuine sources, such as banks and credit card companies. They ask recipients to reveal passwords, which are then used to steal money. Sometimes businesses are targeted with viruses or malware, which is software designed to disrupt, damage or gain access to a computer system. Ransomware is malware that locks a computer system and demands money to unlock it. Systems can also be hacked, with data accessed or stolen criminals.”
How can cyber crime affect a small business?
TN: “The effects can range from relatively minor disruption to serious reputational damage. At worst, it can put you out of business. Larger businesses tend to have greater resources, so, often they recover sooner. But it can be much harder for small businesses to survive following a major incident. It’s better to take steps to try to prevent it happening. If you have premises, you gladly pay for door and window locks, you probably have an alarm, and possible security cameras. Why take chances with your IT system?”
How can small businesses better protect themselves against online threats?
TN: “First, make sure you have the latest versions of the operating system and any anti-malware software you use. If not, download them immediately. Back up and store your data on a different network, then you won’t lose it if you’re targeted. Access control is key – think carefully about who in your business has access to what data. Pick strong passwords, keep them safe and don’t respond to emails that take you to website that ask you to reveal them. Improve your knowledge or if you have budget, bring in professional IT security support. It needn’t cost a lot.”
How important is staff training?
TN: “Many attacks are made possible by human error, for example, an employee opening a virus attachment or unintentionally revealing a password. Simple mistakes can prove expensive, so, business owners need to raise awareness among their staff of the risks and tactics criminals use. At the very least, give your staff basic training. If you have budget, there are training courses. Arming your people with basic knowledge can provide protection in work and at home.”
How important is it to have reliable staff IT policies?
TN: “Again, these can ensure that your staff don’t make basic mistakes. Such policies shouldn’t be thick documents; just a few pages that clearly, but concisely explain your expectations. Keep it simple and free from jargon. Also make sure you cover staff using their own devices to access work systems, because that increases risk.”
How does Get Safe Online help small businesses?
TN: “We’re a leading source of unbiased, factual and easy-to-understand information on online safety. We hold awareness-raising events throughout the country and work closely with law enforcement agencies and other bodies in support of their activity. Our website offers business owners a comprehensive library of free online safety content, including videos. We’re very passionate about helping small businesses. We want to help them to stay safe online and grow.”