Another good article in this month's FSB "First Voice" magazine highlights again the dangers of cyber crime and cyber breaches to small businesses.
Opening with details of the FSB's own research of its members, the article reveals that 66% of FSB members surveyed had been victims of some form of online crime in the last 2 years.
The "Ostrich approach"
The article begins by discussing the all to common lack of awareness - among small businesses in particular - of the gravity, severity of the risk and likelihood of some form of cyber attack on their business
"many small firms still believe this is
something that will not happen to them"
A study of 200 firms published in September found that 86 percent thought "they were doing enough to prevent cyber security attacks", yet over half reported some form of data breach.
Our own anecdotal evidence, from meeting with hundreds of small businesses, tells us that most small businesses are probably not doing enough - either some of the basics for a secure small business IT system are not in place or may be poorly managed, or the cultrual "ostrich" approach has created a lax approach to IT and cyber security which needs regular review and development in the modern world.
Similarly, in another survey, 27 percent of small businesses surveyed said they felt that they were 'too small' to be of interest to online fraudsters, leading the authors to comment
"our study shows that businesses believe
they are far more secure than they really are"
The most common types of Cyber Crime reported in the FSB survey were
- Spear Phishing
- Insider threat
The Insider Issue
The article closes with a discussion about the importance of education, communication and training within a business - technical security solutions alone cannot protect your business if your users are not taking security seriously and leaving your business exposed through user error or misuse
Train staff on how to control passwords, how to recognise phishing and fraudlent emails and how to reduce their own personal risks in day to day use of your IT systems.
It's clear that cyber crime and IT security continues to be a hot topic. Barely a week goes by without news reports of another organisation falling victim to some form of cyber attack, data breach or hack.
Whilst the big organisations may grab the headlines, the truth is small businesses are coming under attack on a daily basis and the costs and damage to a business can be huge.
Why not download our free 5 point guide to some of the best practices that all small businesses should have in place to ensure a basic level of defense against today's common threats.
If you don't already have a company cyber security policy and training programme in place, make this a priority and ensure all of your users. You could start with a security audit and for many small businesses the government backed Cyber Essentials scheme can be a great way to validate that you are taking a serious and effective approach to cyber security.