Cyber attacks are increasing and can have devastating effects on small businesses.
There has a huge increase in cyber crime since the Covid-19 pandemic arrived in the UK almost 12 months ago. Cyber attacks can target businesses of all sizes, and everyone should consider their business to be at risk.
During the past 12 months, businesses were forced to quickly adjust to new ways of working, largely remotely, which has unfortunately created more opportunity for criminals looking to exploit cyber crime. In fact it has been reported that businesses faced a 20% rise in cyber attacks last year compared with 2019.
Small businesses can be seen as easy targets
Whilst the highly publicised headlines focus on major security breaches in large well-known companies, small and medium sized businesses are more likely to be the victim of a cyber attack. Even though the rewards may be less, cyber criminals find it easier to attack SMEs as they tend not have such rigid IT security in place and haven’t trained employees about cyber security risks.
Human error is one of the leading causes of cyber security incidents
Theft of funds, ransomware and non-malicious data breaches usually start with human error or an oversight such as clicking on a phishing link, which then allows cyber criminals to access your IT system.
There are a number of steps that businesses can take to minimise cyber risks. Remember to:
- Be cautious of any suspicious or unexpected emails. Phishing is one of the biggest cyber threats we are facing, and everyone within your organisation should be extremely vigilant against such attacks. Is the email you’ve just received real or a phishing attack? Phishing emails are disguised to look like they are from familiar contacts or organisations and try to trick you into taking an action like opening a malicious attachment or clicking a malicious link. Always pay close attention to the email
- Unfortunately cyber criminals will take advantage of any opportunity and Coronavirus COVID-19 scams are on the increase.
- Be suspicious of all unexpected messages and social media connection requests
- Think twice before sharing any information
Small businesses can be the gateway to larger businesses
Many small businesses are connected to the IT systems of larger organisations as partners or service providers. When cyber criminals are looking to gain access to larger and more cyber secure organisations they are increasingly targeting suppliers to see if these small businesses offer a less-secure way in.
The National Cyber Security Centre (NCSC) provides cyber security guidance and support helping to make the UK the safest place to live and work online
The six key behaviours that the National Cyber Security Centre (NCSC) is recommending people follow are:
- Use a strong and separate password for your email
- Create strong passwords using three random words
- Save your passwords in your browser
- Turn on two-factor authentication
- Update your devices and apps
- Back up your data
Always backup important data
Having good backups can be the difference during a ransomware attack of recovering systems relatively quickly to being held to account for large sums of money demanded by criminals that have encrypted entire systems including backups.
Cyber insurance underwriters are very interested in how often company’s back up their data and where this is stored. They are keen to see that data is being backed up regularly, isolated from the main network, and stored offline in an offsite location.
Cyber incident response plan
It is impossible to completely eliminate the chances of a data breach or cyber attack, either directly or against a supplier. For this reason, it is important to factor third-party risks into a cyber incident response plan. The aim of the plan should be to minimise damage and expenses related to a breach and minimise disaster recovery time. With the chances and potential damaging effects of a cyber-attack or data breach increasing all the time, it is important that businesses build robust third-party data security approaches.
Cyber Insurance for your business
Even with robust cyber security measures in place, the potential damage a cyber attack can cause your organisation is significant.
If your business doesn’t already have cyber insurance you are potentially exposed to huge financial losses that can be incurred when your IT system comes under attack. This can lead to costs from handling a data breach, lost revenue, a damaged reputation, legal and regulatory costs, not to mention the disruption to your business. Real Insurance have access to comprehensive cyber breach solutions created to protect businesses from cyber risks.
For more information about the different types cyber insurance covers available please click here or contact a Real Insurance specialist on 0330 058 0260 who can provide a tailored quotation specific to the needs of your business.