Is your small business safe from a cyber attack?

Is your business safe from a cyber attack?

When we think of hacking, we tend to imagine global banks being attacked to the tune of billions – but according to a study by cyber security firm Symantec, companies with fewer than 250 employees now account for a third of all cyber attacks. Small businesses are often woefully underprepared when it comes to cyber security – and this puts them in the crosshairs.

Small businesses are attractive targets for cybercriminals because they usually lack the cybersecurity precautions of larger organisations. The consequences of these attacks can be extremely costly, from lost productivity to company reputation.

This is why, according to Toni Allen, UK head of client propositions at the British Standards Institute, “SMEs are now being pinpointed by digital attackers.”

A cyber attack can wreak havoc on a small company’s finances: a UK government survey reported that for small and medium sized business the average cost of the worst breach is between £75,000 and £310,800. Furthermore, when the EU’s new General Data Protection Regulation comes into force in 2018, allowing security breaches to compromise customer data could result in companies being fined 4% of their annual turnover, up to €20m.

Finances may recover in time, but the damage to a brand’s reputation for dependability and customer security may well be irreparable. It is vital that small businesses take steps to prevent such attacks from happening.

“Burying your head in the sand may save money in the short term,” Alex Fenton, a digital business expert and lecturer at Salford University told The Guardian, “but the cost of hacking could range from minor inconvenience, reputation damage, loss of customer data, fines and ultimately company closure.”

Instituting a secure password policy (never the same password for more than one account, use at least three random words) and ensuring that your cyber security software is business-grade and up to date are simple steps that could protect you.

However, the most essential step towards cyber-security is staff training. Many hacks come about because of vulnerability created by simple human error: the wrong link clicked in an email, some malware hidden in innocuous seeming MP3 software. Educating all staff to practise good digital hygiene could mean the survival of your business.

“You don’t want your first breach to be a learning exercise,” security expert Lawrence Pingree says. “Your brand, even your company, may not survive to learn from those lessons.”

How can VinciWorks help?

VinciWorks’ online cyber security training help keep businesses remain secure against ever-evolving cyber threats. Courses available range from digestible, five-minute Take 5 micro-learning modules to in depth, detailed eLearning courses covering multiple topics within a subject area.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”