It doesn’t matter if you’re working in the office or remotely – wherever you are, if you don’t take cyber security seriously it could be very costly to you. Here’s what you need to know …
In our last blog we gave you some stats which highlight the enormity of the cyber security threats facing UK businesses. While this isn’t the movies and we don’t want you to ‘Be afraid, be very afraid’, when it comes to protecting yourself, you need to be suspicious – be very suspicious.
The methods deployed by criminals to hack into valuable business and personal accounts have become extremely sophisticated – and costly to victims. If you want further evidence of this, just have a chat with our team, who’ll give you nightmares with examples of people who have lost more than just a few thousand pounds through cyber crime.
Currently, some SMEs are taking advantage of the government grants for new equipment, technology and specialist advice to help them recover from the effects of the coronavirus pandemic – it pays to include cyber security on the list.
Why cyber security should not just be the realm of the IT professional – it needs to be a priority on the boardroom agenda. It must have due consideration and investment.
Since the start of the COVID-19 pandemic there has been a massive increase in all kinds of attacks, including phishing and malware. So, with more people working flexibly – some in the office, some remotely – you need to have a consistent cyber security policy which they can follow and secure systems they can use. And, you may need to change the culture within your organisation!
As a Director or Executive you may say ‘I don’t have time to tackle these issues’ but your business is at risk if you don’t. Everything relies on digital systems now; the boardroom must invest time and money into cyber protection. This includes agreeing the business-critical systems and processes that are vulnerable and ensuring robust strategy and plans are implemented and actions taken to prevent attacks. It involves using a company-wide approach and consulting with IT professionals and staff.
Most data breaches are caused by human error and complacency. So, you want everyone to agree cyber security is important, understand why and accept responsibility for it as a part of their role.
1. Deploy the right level of security for your organisation and its industry requirements. Your business may have to meet certain compliance standards set by regulators. Are your current levels appropriate and up-to-date? Consider, too, your responsibilities under GDPR.
2. Take expert advice about computer system updates, anti-virus and anti-malware software, secure firewalls, back-ups, reliable encryption and so on – every link in the chain needs to be protected.
3. Train yourself and your people. You should all know what to look for when online and how to react: it might be obvious – a suspicious email, a strange-looking website url or an unexpected mobile phone message – but it could also be a hacker pretending to be someone you know, or even a whole web page that’s been cloned by criminals. We’ve found that if you train in the right way, with engaging and reassuring communications which inform and educate, people agree it is a valuable part of their day.
4. Use strong, unique passwords and have a password manager. A password manager stores and encrypts your passwords for online accounts as well as pin codes, bank account details and documents. You don’t have to write them down or remember them because they’ll be in your password vault.
5. Multi Factor Authentication (MFA). Authentication provides an extra layer of security. An example of this is when your bank sends you a code to input before permitting certain transactions. It’s essentially requiring you to provide more evidence that it’s really you. There are many authenticators out there – some of the free ones may be OK for less valuable personal accounts perhaps – but, be careful, even some of these are false! Take advice and, again, match the service to the level of security needed.
These types of investment will reduce the risk of cyber attacks on your business.
Don’t wait to be hacked. Contact us – we started out with IT support services and cyber security in Guildford many years ago and now help SMEs across the whole of London and the South East – and often beyond!
For a confidential chat please complete the form below.