In cyberspace, no-one can hear you scream…
We may have stolen a sci-fi strapline, but what will cyber-criminals steal from you? Many people hide behind the fact that they’re not one of the big boys, so they’re not really targeted by hackers, but that couldn’t be further from the truth.
Research published by Vodafone earlier this year found that 41% of UK SME’s had suffered cyberattacks over the previous 12-month period, with 20% experiencing multiple attacks. It warned that as many as 1.3 million UK SMEs could collapse completely after falling victim to a cyber-attack.
SMEs are under-protected from cybersecurity risk, they are less likely to have robust defences in place than their larger counterparts and the pandemic has increased their vulnerability to attacks. A very attractive target for cyber criminals.
Despite the increased risks, most SMEs only have the most basic protections in place such as installing firewalls and anti-virus software. But the biggest risk is your people and only a minority routinely train staff on cybersecurity issues.
Hello, I’m an SME and I am a cyber target…
So what can you do? Like the old saying goes, acknowledging you have a problem is the first step to recovery. Review the risk, make a plan and action it. Even simple steps can prove hugely valuable- SMEs that routinely back up their systems and data are much less vulnerable to ransomware attacks; introducing multi-factor authentication on remote devices is simple and reduces the risk of attackers getting in this way.
The European Union Agency for Cybersecurity (ENISA) said the most important thing SMEs should focus on is how to build stronger cultures of cybersecurity, with management working harder to build employees’ awareness. They suggest practical steps such as regular cybersecurity audits, training for staff, the development of cybersecurity policies and incident response plans.
ENISA’s data suggests that the five most common threats to SMEs are: phishing attacks; web-based raids; general malware; malicious insiders; and denial-of-service strikes. It seems SMEs don’t invest enough in cybersecurity, they fail to access the right type of expertise and favour quick fixes such as anti-virus software, rather than building a culture of cybersecurity awareness.
The Home Working Threat
Measures introduced by many SMEs during the pandemic, including remote working have given cyber attackers new opportunities.
A recent survey found that 56% of senior IT techs believe their employees have picked up bad cyber-security habits while working from home. Nearly two in five home workers admitted that their cyber-security practices at home were less thorough than in the office, with half admitting it’s due to feeling less scrutinised by IT departments.
During the height of the pandemic in 2020, there was a staggering 667% increase in malicious phishing emails. Google also reported blocking over 100 million phishing emails daily during that time.
The consequences of such phishing attacks can often be dire. While global multinationals may be able to recover from substantial losses, cyber-attacks can be catastrophic for both small businesses and individuals.
Now, with many employers formalising the home-working policies they set up during the pandemic, they must ensure that proper security procedures and training are put in place to keep both themselves and their employees safe.
Can Cyber Insurance help?
Cyber insurance is more crucial than ever as attacks and data breaches increase in both frequency and sophistication. Having the right cover in place will support and protect your business if it is the subject of an attack by a malicious hacker or experiences a data breach. It not only provides comprehensive cover but will provide you with a trusted partner to support the business in the event of a cyber-attack.
A range of insurance products have been developed to meet the increasing demand for cover, so not only is there a product available to suit your specific business needs, but it's also far more cost effective than ever before.
Obtaining a quote for your business is a simple and straightforward, simply contact Charlotte.
Charlotte Perkins – Group Managing Director
firstname.lastname@example.org 0115 9420 111