Energylinx for Business News

July 6, 2017

How to Protect your Small Business from Cyber-crime

The latest global cyber-attack that affected businesses around the world is a stark reminder of the growing risks from cyber-crime that companies face, and unfortunately, small businesses can be particularly vulnerable to this type of crime. The ransomware is currently being discussed as a variant of 'Petya', which has similar traits to 'WannaCry' that caused havoc with the NHS network in May.

So how should small companies protect themselves? The first stop should be the National Cyber Security Centre website and Twitter feed to ensure you stay up to date with the latest advice. The Federation of Small Businesses (FSB) offers its members a cyber advice line and cyber insurance protection, which could prove invaluable in the event of an attack.

FSB recently advised members of other free and simple steps that they can take to reduce their risk of contracting all types of malware including ransomware, of which WannaCry and Petya are just two:

  1. Ensure software and devices are kept up to date and all available security patches are installed. Upgrade devices to their latest operating system version where possible.
  2. Have a robust and regular backup solution which allows recovery from a malware outbreak. Having an offsite or cloud backup is also invaluable in the event of a natural disaster or accident such as a flood or fire.
  3. Raise awareness of cyber security risks and promote vigilance within the company. Employees are often the last line of defence against attacks that have bypassed technological barriers and a simple action such as not opening an email attachment may prevent a huge impact to the business.

Beyond ransomware and other types of malware - such as viruses, spyware, Trojans, and worms - small businesses are susceptible to other types of cyber-crime - one of the fastest growing areas of crime globally. These include phishing and spear phishing emails, whaling, and CNP (card not present) fraud.

'Invoice fraud' phishing attacks are becoming all too common in the small business sector. This is where a business email account is illegitimately accessed and used to send, or modify, customer invoices with altered payment details. Such crimes often cause thousands of pounds of lost revenue and have a high success rate.

A cyber-crime incident costs a small business victim nearly £3,000, and takes more than two days to recover from. According to a recent report FSB published, a staggering seven million cyber-crimes are committed against smaller businesses in the UK every year.

Don't take risks and make sure staff are also savvy when it comes to threats. Small businesses should always ensure they're following the best expert advice and have specialist cyber insurance in place.

Posted on July 6, 2017 at 02:33 PM