Cyber Security (3)Cyber security is often something many SMEs forget about. Only now in 2017, after a year of news littered with cyber hacks, do small businesses actively ensure their online data is secure. It’s been a long time coming with 2015 seeing 74% of small organisations in the UK reporting a security breach.

From a simple click of an email link to a ransomed encryption of company files – cyber security is not something SMEs can be complacent about. The average damage done per year from cyber security is €1.67 million worth. For SMEs, the most severe breaches cost can now reach as high as €361,233

So how does a business get “hacked”?

There are numerous breaches in online and database security that leave businesses incredibly vulnerable. According to the statistics released by cyber security firm Symantec, half (52.4%) of phishing attacks (carried out using fake emails) in December 2015 were against SMEs. SMEs, being low in security, are a primary target for hackers – the most common exploits are:

  1. Ransomware – a type of malicious software designed to block access to a company’s network until a sum of money is paid out. This is usually done through phishing emails and is the most common cyber-attack against SMEs.
  1. Main hacking – when a hacker directly accesses the company network due to lack of appropriate security. There, they can access company data and target the company’s customers’ information like credit card details.
  1. Social engineering – when hackers also use spoof email accounts – posing as CEO or higher management in order to get those with financial authority to make payments to the hacker.
  1. Denial of service attack (DoS) – a simple cyber-attack where the perpetrator seeks to make a company’s website or network unavailable to its intended users by temporarily or indefinitely overwhelming the server with a volume of malicious data. These attacks are very easy to carry out, costing less to nothing.
  1. Human error – an aspect that cannot be forgotten. People are general the most prone to causing security breaches. Information can be lost or even given to the wrong person.

How do I keep my business safe?

SMEs need to combat against these hacks with staff training to identify obvious threats and how to deal with them. A common reason why SMEs get hacked is due to staff being wholly unaware of the effect simply clicking a wrong link can have. Employees should be aware of emails that look suspicious and always check link locations when being redirected somewhere. Once these are confirmed to be safe only then should staff attempt to open any attachments.

Ensure all staff are using adequately strong passwords and make two-step authentication with a phone number a requirement for all accounts. Remind staff to avoid sharing private data when in use of public WiFi (say for instance, in a coffee shop), this will ensure no one is breaching the information shared through a public server.

Lastly, be wary of cloud storage. Anything you share on the cloud is open to be hacked. If you don’t want anyone to read it outside of company remits – don’t share it.  Also remind staff to delete things off the cloud if they’re deleting it off their computers. Many privacy experts state that anything you put on the cloud has a much higher chance of being published online. Get to know the practices of your cloud storage provider.

It seems simple and obvious but a careful procedure like this shown to all employees will ensure hackers have a tough time getting into your business. Hackers play off human error and negligence. Invest in a security system that ensures you’re protected. Expensive as this may be, it could prove critically important for the life of the business, as well as its customers and employees.