How SMEs can stay SAFE from cyber threats
Three quarters of SMEs believe they do not face risks from cyber attacks, despite a growing number of businesses moving onto online platforms.
Security Firm Kaspersky Lab has revealed that 75% of businesses felt that their company was too small to be of any interest to would-be criminals in a recent survey.
A further 59% suggested that the information they hold is not of interest to cyber criminals, but the security firm has warned of the need for caution.
Instead, a lack of security measures and awareness is opening the door for cyber criminals to target these smaller businesses.
David Emm, senior security researcher at Kaspersky Lab, explained that security can be improved by working on four key principles, highlighted by using the acronym SAFE.
This is the idea that links to other businesses exist at SMEs and that targeting them could present an opportunity for a criminal to break in to a much larger organisation.
As a result, this can pose a significant threat to both the SME and to the larger business in question.
This can result in the leak of classified information and could lead to potential court action against the smaller company – presenting the risk of corporate insolvency should costs spiral during the case.
This focuses on ensuring that employees understand their responsibilities with regards to security, and that they make it as difficult as possible to access the system.
Information such as passwords and security numbers should not be revealed and it’s important that workers know what to look for.
A lack of specialist staff at an SME can mean that there is nobody specific to keep an eye out for cyber attacks.
Planning what to do in the event of an attack is therefore important as it increases the chances of getting the company back up and running as soon as possible.
This is vital when it comes to protecting the brand name and reputation of the business, while it also means that trading can continue, limiting any potential down-time costs.
Staff should know the security procedures and this revolves around making them as easy to understand as possible.
If this is done adequately then the risks of cyber attacks are reduced and the longevity of the business concerned should be far greater.
By Phil Smith