- / Blog
- / Get ahead on cyber security
Get ahead on cyber security
From what newspaper reports have to say, the owners of small businesses could be forgiven for thinking that cyber attacks are something for large corporates and governments to worry about. Unfortunately the opposite is true.
SMEs (small and medium-sized enterprises) are the forgotten victims of cybercrime. Hacks don’t make headline news like Sony and Target, but they’re happening every day. Small businesses are much more vulnerable than large corporations, because they tend not to have invested in the same level of risk mitigation. In fact, last year 60% of all cyber attacks globally targeted the SME sector, according to technology giant Symantec. And the cost to smaller businesses can be huge.
Aside from notifying customers, you may also face costs for rebuilding your company’s personal profile and re-establishing trust with customers. Then there’s the cost of investigations, compensation, and engaging experts to repair your database – if it has survived the attack. When a small business is hacked, owners often jump to the conclusion that they were “just unlucky”. But that’s not how it happens. Cyber criminals deploy automated tools to scour the internet looking for weaknesses and vulnerabilities. “Bad luck” has very little to do with it.
Small business owners may not be able to afford teams of IT professionals and the latest security tools, but there are things you can do:
- Fortify your operating system and ensure all anti-virus, anti-spyware and firewall software is installed, up-to-date and working.
- Make regular backups of your data and store it offsite. And by regular we mean as often as necessary – which in some cases means daily.
- It’s all too easy to slip into bad habits, but don’t be lazy with passwords, and be vigilant with access management.
- Remove administration rights from computers that don’t need it and check with your IT provider if they have remote access to your systems and what security controls they have in place.
- And crucially, take the time to review your insurance coverage.
Too many businesses are tempted to rely on the traditional suite of business policies that have served them well in the past. Public and product liability, professional indemnity, commercial crime, directors’ and officers’ liability, property damage and business interruption insurance cover many losses – but not all. When it comes to cyber, there are gaps and exclusions that threaten to leave you exposed at every turn.
Specific cyber cover is now available, and you should consider it. Typical policies cover third-party compensation, associated defence costs, and even fines and penalties imposed by government authorities. Cyber insurance will generally cover the cost of public relations and crisis management to deal with reputational damage, and the cost of restoring data and repairing or replacing IT assets. Loss of business income is normally covered, as are cyber extortion expenses.
Remember that for cyber criminals, size doesn’t matter – and they love an easy target. So take steps to make your business a tough nut to crack. Talk to us today about assessing your risk and arranging cover that will help make any successful cyber attack a nuisance rather than the thing that destroyed your company.