The Heartbleed, GameOver Zeus and Cryptolocker threats have hit the headlines recently and highlighted the increasing threat that cyber fraud poses for the modern-day small business owner. Recent research suggests that cybercrime costs small businesses around £800 million every year with little chance of recovery, while telephone hacking can cost as much as £30,000 over just a two-day period, making it all the more important to ensure your business is protected.
What’s more, failure to put adequate measures in place could see you facing fines of as much as £500,000 for cyber breach and data loss under UK and EU legislation such as the Data Protection Act. Other potential threats include loss of company devices, social media misuse and hacking.
With 60% of small firms reporting security issues last year, and a major breach costing a small firm on average between £65k and £115k, it pays to protect your business. Some top tips to reduce the chances of the worst happening to your business include:
- Carry out a risk assessment to assess the threat cybercrime poses. For example, if a number of your employees are on your computer network using the internet every day, you may be at higher risk than if you just have one company computer that is very rarely used.
- Create a business security and disaster recovery plan – If a data disaster did strike your business, you and your staff need to know how you would keep the business running.
- Back up your business data – A back-up is a copy of your data, usually kept on a data storage device which is then secured away from the original. It should be taken regularly and include customer details, employee information and bank details as it’s your responsibility under the Data Protection Act 1998 to safeguard this information.
- Protect your business from viruses – These present the biggest online threat to your business data. Not only are they designed to cause disruption, but they can target personal data stored on your system (including that of your customers) and cause you to lose important data.
- Stay alert for signs of fraud – These include ‘phishing’ scams, which try to get you to part with financial details, as well as website traffic being diverted to a bogus site or orders being directed to a different server.
- Make sure you meet payment security requirements – If you take payments via your website or in any other situation where the cardholder is not present, you need to make sure you comply with the Payment Card Industry Data Security Standard (PCI DSS).
The Forum is all too aware of the increasing threat this poses to members. If you would like to talk to us more about your cyber risk management, please contact our membership team today on 01565 626001.