Cyber crime costs UK businesses around £30 billion every year. Not only can security breaches be extremely damaging, they could even mean your business has to close.
Understanding and identifying any risks should be a top priority. By spending some time adequately protecting your business now, you’ll potentially save yourself a huge headache later on.
Tip 1 – Look at the threats
A great place to start is with a security audit. If you’re not sure how to do one effectively, or you don’t have an IT team in house, it’s worth getting in an external company in temporarily who can help you. Find out what the latest cyber threats are and what effect they have. Keep your operating systems up to date with the latest software too, as patches often include important security fixes.
Tip 2 – Back up your data
Ok, this is one isn’t so much about preventing an attack itself but it’s about mitigating the devastating consequences it can have on your data. Make sure all data is backed up securely and can be accessed elsewhere in case your systems need to be wiped. Back up your mobile devices too and check that your password policy is effective, and is being correctly used across the board.
New “strains” of old scams like phishing, bots and malware are all challenges your IT systems will face. Also think about the damage that can be done by staff who miss-use their IT privileges or those who use their own devices at work. The list of potential threats is lengthy and constantly changing so you’ll need to stay on top of it.
Tip 3 – Keep cyber security at the top of your list
After you’ve completed your risk assessment, write an easily accessible, clear risk management policy and communicate it to your employees, contractors and suppliers. If you share any of your data with a third party, then make sure it’s protected against unauthorised access or changes.
Make sure passwords are robust too. All static devices which connect to the internet should use encryption products that need a password, while mobile devices should have password or PIN protection, or fingerprint recognition. Use 2-factor authentication (2FA) if you can, and encourage your staff to not make passwords too obvious. Everyone should be able to store their passwords safely, away from the device, and reset them if needed.
Tip 4 – Read up or go on a course (or both!)
The good news is all businesses are in the same boat and there’s plenty of help you can access. There’s a great variety of online articles and training courses you take for cyber security awareness, as well as more advanced certified courses for anyone with more senior responsibility.
Tip 5 – Never assume it won’t happen
Act on the defensive and never consider cyber crime as something that only happens to other people – every organisation has the potential to become a victim. It’s best to think the worst and then be pleasantly surprised if it doesn’t happen, rather than the other way round.
Keep the number of employees with administrative access to a minimum and check your processes are regularly updated and understood. Also stay up to date with legal and regulatory requirements, and make sure you have appropriate insurance in place to protect your business should the worst happen.
The best cover is in the form of cyber liability insurance. Not only will it protect you financially if someone brings a claim against you arising from your use of the internet, email or intranet, cyber liability insurance can cover any loss of customer data and the subsequent fines, compensation and legal costs that may come from it.
Be proactive. With good forward planning and effective protection in place, you will help you reduce the risks of a cyber attack on you, your staff and your reputation. If it does happen, your business will be in the best shape to cope with it.
For a quote on cyber insurance, please call us on 01246 570600 or fill out the form below.