Headlines have been dominated by news of cyber attacks over recent months. But to date, no hack rivals the WannaCry virus, which temporarily crippled the NHS and other organisations around the world.
Will Twiss, information security manager at business finance group LDF, warns that the threat posed by cyber criminals is constantly evolving, with new and increasingly intelligent types of malware being released daily. “We have seen multiple widescale attacks across Europe this year, crippling information systems without discretion,” says Twiss. “The entire spectrum of SMEs, big business and state services have all fallen victim to the WannaCry and ExPetr outbreaks,” he says, adding that just last week, businesses across Europe were hit by a ransomware attack known as “Bad Rabbit”.
Goldmine For Hackers
People often think that it’s the bigger companies with well-known brands that are more exposed to these attacks – after all, larger firms hold a plethora of data, which could be a goldmine for hackers.
But actually the smaller companies can be just as vulnerable to cyber attacks, because they don’t have the secure systems in place to prevent them. And then we’ve got the huge costs of repairing the damage after a cyber attack, not to mention the blow to your reputation. A report from PwC found that businesses had to fork out an average of £857,000 each year as a result of cyber security breaches.
With fewer resources, many smaller firms are at risk of going bust if they don’t do more to protect themselves. According to the latest Cyber Security Breaches Survey, a quarter of companies are hit by a cyber security breach every month, which should serve as a warning sign for businesses both large and small. That’s not to say SMEs aren’t concerned about cyber crime. In fact, British SMEs are more worried about this than about Brexit, according to a study from Barclays.
SMEs are planning to ramp up their cyber security defence by £3.8bn over the next year, but what can companies do to protect themselves? First, make sure that you’ve installed antivirus software across all the devices in your organisation. Choose software that is specialised for businesses, and of course, make sure you regularly install each update.
Bearing in mind that the vast majority of cyber attacks are a result of human error, make sure you train your staff on how to avoid leaving the business susceptible to hackers. This can be as simple as not clicking on links from an unknown sender.
Companies should also look at getting professionals on board who have the expertise to fend off these online attacks. There’s a growing number of companies you can outsource this to, in case you don’t have the funds to hire a specialist in-house. Twiss says: “Key considerations for improving an organisations’ security posture should be good passwords, applying security updates, controlling access to information and systems, backing up critical services, deploying network perimeter security and antivirus on endpoints.”
The government, which launched the National Cyber Security Centre earlier this year, has also created a questionnaire for companies to assess how secure their business is.
Just don’t bury your head in the sand and hope the problem goes away. The time to take action is now.