Q: I am a small business owner with limited IT skills and knowledge, do I need to be concerned with security of my computer systems?
A: The last two years have seen some of the largest cyber security breaches in recorded history. And whilst mega breaches of companies like Yahoo hold the attention of global media, statistics like 90% of large UK businesses reported a breach during 2015 slip by unnoticed.
Many of the UK’s small businesses have previously felt secure in the assumption that cyber incidents were the problem of larger organisations, but this is no longer the case.
Last year saw a sharp increase in breaches within small firms, with 75% reporting a cyber incident. This year has shown to be equally problematic for small business owners who have found they are now the target of cyber criminals. Especially as the likes of Morgan Chase & Co dramatically increase their cyber security spend; criminals are turning to smaller companies for easier earned pay-days.
Smaller firms will in general have minimal security, which is most likely outdated or configured incorrectly, weak internal security processes, and are generally understaffed.
However, there is a lot that can be achieved on a minimal budget by smaller businesses. Recent analysis showed that of the breaches reported in 2014 and 2015, 80% could have been avoided had simple and basic security processes been in place.
It is highly recommended that small business owners read the governments Cyber Essentials Standard https://www.gov.uk/government/publications/cyber-essentials-scheme-overview. It covers five main areas; firewalls, gateways, network configuration, access control, and patching. This basic guide will help you identify the best protection for your business, for minimal cost. And as already illustrated this will protect you from the vast majority of attacks.