High profile cyber-attacks on companies, such as Sony, have raised awareness of the growing threat of cyber-crime. Recent surveys conducted by Symantec[i] and other cyber-security organisations suggest that many small business owners are still operating under a false sense of security.
The statistics of these studies are worrying: The vast majority of small businesses lack a formal internet security policy for employees and only about half have rudimentary cyber security measures in place. Furthermore, only about a quarter of small business owners have had an outside party test their computer systems to ensure they are hacker proof, and nearly 40% do not have their data backed up in more than one location.
Do not equate small with safe
Despite significant cyber-security exposures, 85% of small business owners believe their company is safe from hackers, viruses, malware and data breaches. This disconnect is largely due to the widespread, albeit mistaken, belief that small businesses are unlikely targets for cyber-attacks. In reality, data thieves are simply looking for the path of least resistance. Symantec’s study found that 40% of attacks are against organisations with fewer than 500 employees.
10 ways to prevent cyber-attacks
The BIS survey found that 83% of small businesses believe security is a high priority but that many find it difficult to keep up with the constantly changing risks and to know what actions to take to mitigate those risks. Even if you don’t currently have the resources to bring in an outside expert to test your computer systems and make security recommendations, there are simple steps you can take to reduce your risk of falling victim to a costly cyber-attack.
- Train employees in cyber-security principles.
- Install, use and regularly update antivirus and antispyware software on every computer used in your business.
- Use a firewall for your internet connection.
- Download and install software updates for your operating systems and applications as they become available.
- Make back-up copies of important business data and information.
- Control physical access to your computers and network components.
- Secure your Wi-Fi networks. If you have a Wi-Fi network for your workplace, make sure it is secure and hidden.
- Require password-protected individual user accounts for each employee.
- Limit employee access to data and information, and limit authority to install software.
- Regularly change passwords.
The benefits of cyber insurance
A data breach could severely and negatively impact your small business with a high associated cost dealing with cyber-crime, data breach and resulting damages (including reputational damage) and/or sanctions. Cyber insurance is designed to support businesses manage these types of attack.
Contact RS Risk Solutions Insurance Brokers to find out more about cyber insurance at email@example.com or telephone us: 01342 580106 to discuss your cyber insurance requirements.
[i] Zywave Inc., 2012, Cyber Risks & Liabilities, ‘Cyber-Security Tips for Small Businesses’