Five simple ways SMBs can fend off hackers and cyber attacks

National Cyber Security Centre gives out infosec advice for small businesses

This year has seen businesses and organisations globally, from the NHS to Equifax, hit by hackers. The scale of these companies shows nobody is safe, and if the larger businesses, with their teams of cybersecurity experts, are falling victim, what chance do smaller businesses have?

Research by the Department for Digital, Culture, Media and Sport (DCMS) found 45% of all micro or small businesses have been the victim of a breach or attack over the past year. Just last month, the technical director for the National Cyber Security Centre (NCSC), a part of GCHQ, warned about the possibility for an unprecedented cyberattack within the coming years.

Now, the NCSC has released a guide for such small businesses giving practical advice on how to protect themselves.

"Cyber security can feel daunting for a small business, which is why we've made the UK's most easy-to-access guide to help them thrive online," said Alison Whitney from the National Cyber Security Centre.

"Protecting against malware, backing up data and avoiding phishing attacks should be as second nature to a small firm as cashing up or locking the doors at night. Whether you own a bakery, a building firm or you sell products online, our advice will help all business owners avoid threats that can cost time, money and reputation."

How to keep your business safe from hackers

Back up

The first piece of advice given in the guide is to back up your data in a separate place from your computer. This could be in a physically separate place, like a USB kept in another building, or in the cloud. The NCSC guidelines say to do this every day.

Malware

The second piece of advice is protecting your organisation from malware using antivirus software and avoiding dodgy apps. Another way to stay away from malware is to keep your software up to date, and control how many people use USB sticks.

Phones and tablets

Cyber security is not only about laptops and computers. The NCSC guidelines provide five steps to protect your phones and computers, including password protection, tracking if the phone is stolen, updating security software and apps, and not connecting to unknown WiFi.

Passwords

It might sound obvious, but password protection is the first step in preventing a cyberattack. Two-factor authentication should be used whenever possible, and people should avoid using default passwords or predictable ones.

Phishing

One of the most common kinds of attacks is phishing, where someone sends an email or text with a disguised link, in an attempt to get the person to click bad links or share their personal information. To avoid phishing attacks, business owners can configure accounts, make sure staff understand what kind of requests they are likely to receive, keep an eye out for obvious signs and report when attacks happen.

More detailed advice can be found in the full version of the guide.

All of this advice is not necessarily going to prevent every kind of attack, but it is a good place to start. One thing is for sure, cyberattacks will not be going away any time soon.

"Cyber crime is one of the fastest growing risks to small businesses and support to tackle it is essential," said Mike Cherry, national c hairman at the Federation of Small Businesses (FSB).

"FSB research shows cyber attacks on small businesses now cost the economy over 5bn a year. Without the time, resources and in-house expertise, it can be challenging to know the best, and even most basic, steps of defence.

"Clear guidance is an important part of increasing the cyber resilience of the small business community, and we hope to see all future information consolidated in one place so that small firms know exactly where to turn for the most up-to-date cyber security advice."

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

Ryuk behind a third of all ransomware attacks in 2020
Security

Ryuk behind a third of all ransomware attacks in 2020

29 Oct 2020
REvil hacking group says it has made more than $100m in a year
Security

REvil hacking group says it has made more than $100m in a year

29 Oct 2020
36 billion personal records exposed by hacks in 2020 so far
Security

36 billion personal records exposed by hacks in 2020 so far

29 Oct 2020
Trump website defaced in second successive cyber breach
Security

Trump website defaced in second successive cyber breach

28 Oct 2020

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Politicians need to stop talking about technology
Policy & legislation

Politicians need to stop talking about technology

21 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020