With Cyber Security Awareness Month upon us it’s a useful time to consider how to stay secure online. Small businesses have suffered from increasingly sophisticated cybercrimes, including phishing, invoice fraud and malware attacks. So how can you protect your business?
Recent research shows the enormous growth in cybercrime and fraud against new businesses. More than two-thirds of small businesses have experienced cybercrime. The most common crime includes phishing emails – with 92 per cent of small firms targeted with an attack. In addition to this ten per cent of SMEs have experienced malware attacks, and nine per cent have seen social media hacking.
As fraud and cybercrime become more sophisticated, some small businesses have found it increasingly difficult to tackle. Situations have included criminals contacting the company bank after diverting the owner’s phone calls via their mobile phone provider. The bank then called the ‘customer’ back and followed through with the request to move funds from the business bank account to the fraudsters.
More than half of small businesses have increased investment in cybersecurity and anti-fraud measures in the last few years, but new technologies can make it increasingly difficult to ensure cyber security software is up to date. The pressures of cost and time on small businesses can also deter investment in this important area.
What can you do to improve cyber security in your business?
- Back up your data – identify what you need to back up and keep any back ups separate from your computer (perhaps in the cloud)
- Protect your organisation from malware – install anti-virus software, control what staff download, keep software and hardware up to date and switch on a firewall
- Keep your smartphones and tablets safe – use password protection to access any devices, add tracking to ensure lost or stolen phones can be found, keep your device and apps up-to-date and don’t use unknown wi-fi hotspots
- Use passwords to protect your data – add 2 step verification for critical processes including banking, change default passwords and avoid using predictable PIN and passwords
- Avoid phishing attacks – ensure staff are trained to identify possible phishing attacks, be vigilant and create simple but effective processes to report any concerns
For more information the National Cyber Security Centre offers online information about cyber security for those who are self-employed, as well as sole traders and SMEs.