Small businesses are subject to 10,000 cyber-attacks a day. A cyber-attack can be defined as a criminal activity where a computer system, network or application is attacked or hacked, with the aim of stealing, destroying or holding data to ransom.
Cybercrime is costing small businesses billions of pounds per year according to latest Federation of Small Businesses research. More than a million firms fell victim to phishing, malware and payment scams and small businesses are collectively subject to almost 10,000 cyber-attacks a day.
The annual cost of such attacks to the small business community is estimated to be £4.5 billion, with the average cost of an individual attack put at around £1,300. Victims are most frequently subject to phishing attempts, with more than half a million small firms suffering from such an attack over the past two years, hundreds of thousands of businesses also report incidents of malware, fraudulent payment requests and ransom-ware.
One in three small firms say they have not installed security software over the past two years, whilst four in ten do not regularly update software, and a similar proportion do not back up data and IT systems. Fewer than half have a strict password policy for devices.
These findings demonstrate all too clearly the sheer scale of the dangers faced by small firms every day in the digital world and that it is more important than ever to the be aware of the potential risks your business could face online and how cybercrime affects businesses. A cyber-attack has the potential to be financially and reputationally devastating for a small business if you do not have the appropriate precautions in place.
Cybercrime can affect businesses of all sizes and industries. Some examples of cybercrimes that a business might fall victim to are the theft of customers’ bank details or personal records, including their names, addresses and passwords. Ransomware is a form of malware that is increasingly used to hold a business’ data ransom in return for money.
How to prevent cyber attacks.
In the wake of Windows 7 Extended Support coming the End, companies are being advised that systems which are not being supported and receiving security updates, may not be insured against cyber-attacks.
Cybercrime poses an ongoing threat in business and it’s worth having an understanding of what a cyber attack would look like, what you can do to safeguard your business and how to take action if you fall victim to an attack.
Fortunately, there are some simple ways that your business can improve your cyber security and protect yourself from cyber-attacks.
Cyber Security Training
These include providing your staff with training in cyber security principles, such as locking their computers when they’re not at their desk, regularly changing their passwords and not opening suspicious files or links.
Control Data Access
It’s essential to control access to your computers and network by providing employees with their own password-protected user accounts and limiting authority to download software and access sensitive data.
As well as this, you should protect your computer systems by installing and regularly updating antivirus and antispyware software, using firewalls for your internet connection, securing WiFi networks with passwords and keeping software for your operating systems and applications updated.
What to do if you have a cyber attack
But if your business does fall victim to a cyber attack, it’s vital that you and your team know the correct procedure for dealing with it. All cases of cybercrime should be reported to Action Fraud who will then inform the National Fraud Intelligence Bureau and provide a police crime reference number.
If your business has suffered a financial loss, get in touch with your bank straight away in order to protect your accounts and start a fraud investigation. Also, if you have cyber insurance for your business, get in touch with them quickly about the situation, so that your insurance provider can step in to assist swiftly.
Incidents where data is compromised or stolen may breach GDPR, so it must be reported to the ICO (Information Commissioner’s Office) within 72 hours to minimise possible penalties.
Cyber security is just as important for small businesses as it is for large corporations. To avoid falling victim to cybercrime and its devastating consequences, make it a priority to enforce strict data security procedures and to install adequate antivirus and antispyware software.
It is also worth considering having cyber insurance as part of your small business insurance, which can help to cover the costs of data recovery, system repairs, reputation management and legal defence if your business was targeted by a cyber-attack.
Small firms must wake up to the threat of cybercrime, it is a threat that is evolving rapidly and it poses an ongoing threat, we hope that this article has provided you with a better understanding of what a cyber-attack would look like, what you can do to safeguard your business and how to take action if you fall victim to a cyber-attack.