With more cyber attacks hitting the headlines than ever before, the pressure from customers and the supply chain for small businesses to keep their data secure is understandably increasing. However the Forum warned that uncertainty around what steps to take in order to boost their online security means that many small business owners ignore the issue until they are forced into action, by either becoming, or knowing, a victim of cyber crime.
Matthew Gould, Director of Cyber Security and Information Assurance at the Cabinet Office, says: “We are living in an increasingly digital economy but many people just don’t think about cyber security until it affects them personally. As well as advice specifically targeted to SMEs on Cyber Streetwise, a raft of practical guidance is also available on GOV.UK for businesses of all sizes. If businesses aren’t already signed up to the Cyber Essentials scheme, they should do so.”
The Forum - which includes members from the FSB, Hewlett Packard Enterprise, KPMG, Symantec and Tesco Mobile - highlights the need to increase the barrier to entry for cyber criminals on both personal and business devices. Data is becoming increasingly mobile, especially for small businesses, with figures from the FSB indicating that mobile connectivity is ‘vital’ to 70% of small business owners. However it seems that people don’t exercise the same caution on mobile devices as they do on computers, meaning any information stored on, or accessible by, the device is at risk.
“We have seen an increase in malware targeting mobile devices, however people often don’t transfer their thinking around how they behave on a laptop or computer to how they use their mobile devices” says Carla Baker, Senior Government Affairs Manager at Symantec. “Remember that just because you can’t see your data being hacked or malware attacking your machine, that doesn’t mean it’s not happening.”
Despite this need to improve best practice when it comes to online security, the Forum revealed that SMEs continue to find it hard to navigate what they perceive as a highly complex and intangible subject, with small business owners often turning to their accountants or bank managers for advice.
According to the Forum, there are simple steps small businesses should take towards improving their cyber security. “Many small businesses think cyber security is ‘scary’ and they don’t know where to go - so they don’t do anything” comments Emma Philpott, who runs IASME, a small business itself that is an accreditation body for the Cyber Essentials standard. “But if you can do one thing better today, you’ll be more secure than you were yesterday!”
John Allan, National Chairman for the Federation of Small Businesses, said: “To grow their business and reach new markets, small businesses want to embrace the opportunities a digital world provides. Recent FSB research shows that 66 per cent of small firms already trade online or want to do so. However, greater use of technology also means greater vulnerability to digital threats. With the nature, scale and costs of cyber security breaches escalating, small businesses need simple, straightforward cyber security advice like that provided by Cyber Streetwise. We would like to see more small businesses making the most of going digital, using the resources available to keep their businesses safe and secure.”
Cyber Streetwise is encouraging small businesses and consumers across the UK to do three simple things to improve their online security and protect themselves from cyber crime:
- Make your passwords stronger with three random words
- Install security software on all devices
- Always download the latest software updates