What is Cyber Security? For small businesses (and for some larger ones) the word “Cyber” just sounds like an extra expense, something they perceive they don’t need or something they don’t need to understand.
Why do small businesses need to consider Cyber Security?
The principle can be as simple as “if you have something worth selling then you have something worth stealing”. Information now has a value of its own. SMEs have a wide variety of information that can be bought and sold on a well-established criminal market either for direct criminal use or to facilitate wider fraudulent activity; e.g. customer data and orders, client information and billing details, employee records, accounts and financial records.
The IT systems we use to run our businesses are our commercial lifeblood. Criminals have researched and know exactly how much SMEs are prepared to pay to recover data encrypted by Ransomware.
Also, the type of data that some SMEs hold on behalf of others is important: legal data, financial data, medical data or some other type of sensitive information. How much damage would it do to a trading position if an SME has to publicly admit that it had lost data that was considered by their clients to be commercially or personally sensitive or subject to their own Data Protection responsibilities? Another consideration is the extent to which an SME represents an easy access point for criminals and other malicious actors into larger targets. Losing data from your own business is bad enough, but being the launch pad from which an attacker or criminal can access more valuable organisations in a supply chain can cause contractual loss and potentially irrecoverable damage.
The Digital Marketplace is just that – a marketplace. It simply needs thinking about with the same principles as a normal physical high street. You wouldn’t open a shop on a modern high street without thinking about where you keep your cash register, and where you’d lock it up at night; whether you’d have a fire alarm and burglar alarm; whether you’d have CCTV and a shutter. You would, of course, have a storeroom, a safe and somewhere where you would keep your company records. You’d perhaps have additional security measures such as tags on your more valuable sales items, you’d have a key for the shop. For all these measures you’d also have a defined group of people who would be allowed access to some or all of them. And importantly, if any of these processes failed and you fell victim to a robbery or theft you’d know who to call and what to do.
SMEs in the digital age need all of these things for their computer networks and online presence. Luckily there’s a guide and somewhere to start and for an SME that’s Cyber Essentials.
Cyber Essentials is the UK Government’s Guide to Cyber Security. It represents the basic and most common forms of protection and it’s broken down into 5 easy to understand and easy to implement areas. PGI has an on-line user-friendly Cyber Services Portal which will guide organisations through every step of the short process and help to educate and assure small businesses on the cyber threat and how to safely and affordably combat it.