Small and medium-sized enterprises are at greater risk from attack by cyber hackers than larger businesses, say experts, and they should do more to protect themselves.Research recently published by Cyber Streetwise, part of the Home Office, reveals that two thirds (66 per cent) of SMEs don’t consider themselves to be vulnerable while less than a fifth (16 per cent) rate increasing cyber security as a top priority. SMEs are putting a third of revenue at risk due to a lack of basic knowledge. A quarter of small businesses believe that they can’t afford cyber security while one in five says they don’t know where to start finding out more about the issue. Tim Ryan, executive chairman at UNA, an organisation owned equally by 12 of the UK’s largest independent regional insurance brokers, said that now is the time for companies to assess their vulnerability to cyberattacks and take advantage of risk management solutions. He points out that the Data Protection Act 1998 makes businesses responsible for the handling of information relating to individuals. UNA points out that failing to handle this information correctly can lead to claims being made against a business and has highlighted how some insurance policies may provide elements of cyber cover, but most will exclude losses caused by a cyberattack. “This is a pitfall for so many businesses, particularly smaller ones,” added Ryan. “A separate cyber policy will ensure that your cyber risks are fully catered for and most importantly, will ensure less of an impact on the bottom line of a business.” With a cyber-insurance policy covering system damage, consequential reputational harm, and system business interruption, which can see a loss of profits for a small business, Ryan is concerned that cyber threats pose a considerable risk to smaller UK companies which could eventually hinder regional economic growth. He explained: “The key for small businesses is to recognise the role insurers can play in driving improvements in cyber-security risk management. We’ve already seen a commitment from the government to work closer with insurers to help develop the UK’s cyber insurance market. SMEs should now be assessing their vulnerability to cyberattacks and taking advantage of risk management and insurance solutions to mitigate the potential for these events to harm their business.” Read more about cyber attacks:
- UK firms turn to ex-hackers to “skill-up” against cyber crime
- US vs UK: Let the cyber war games begin!
- New evolution of cybercrime: Hackers attempting to attack 100 banks head-on
Daljit Paul offers steps to securing your business and that of your customers and partners:
- Lock your doors and windows – that is to say, invest in technology such as firewalls and intrusion prevention systems (IPS) to help prevent hackers from breaching your network
- Keep systems up to date – The key here is to make sure that when patches are released for firewalls, servers, and PCs they are installed
- User awareness training – This is possibly the single best thing you can do to improve the security across your organisation. Regular, short training sessions on topics like strong passwords and phishing can help your employees become security advocates themselves
- User awareness training – I can’t state enough how much this will help!
- Collaborate and communicate – Collaborating with your supplier network can be a key step in understanding the threats facing your business. Should you detect any abnormal activity whether on your own network or from a supplier then communicating and alerting partners can help stop an attack from spreading further
- Seek expert help – If you think you’ve been breached or hacked then do not be afraid to approach third party security organisations for help. They’re experts at what they do and can help you secure any vulnerable systems once an attack has been mitigated
Share this story