New investment in the fight against cyber crime
Posted on by Katie Hook
Estimated read time: 5 mins
It’s estimated that small businesses are the victims of over seven million cyber crimes every year1, costing the SME community a staggering £5.26 billion annually1. So it comes as no surprise to find that The Federation of Small Business (FSB) has welcomed the launch of the new Cyber Security Strategy aimed at protecting UK business and government.
Cyber crime has a huge impact on any business (or anyone) it affects; however, some think that smaller businesses are more vulnerable to attacks and can often take longer to bounce back than larger companies. It’s for this reason that many people insist that small and medium enterprises (SMEs) deserve a clear focus in this new Cyber Security Strategy.
Mike Cherry, FSB Chair, says “When a small business is attacked it can lead to weeks of delayed or lost orders, significant financial loss and damaged reputations,” he further added “we would like to see the Government do more to provide small businesses with support to improve their basic cyber resilience.”1
What are the threats?
According to the FSB, the main types of cyber crime small businesses are a victim of are:2
- Phishing 49% — “a form of fraud in which the attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels.”3
- Spear phishing 37% — “an email spoofing fraud attempt that targets a specific organisation, seeking unauthorised access to confidential data.”3
- Malware attacks 29% — “any program or file that is harmful to a computer user. Thus, malware includes computer viruses, worms, Trojan horses and also spyware, programming that gathers information about a computer user without permission.”3
- Card not present fraud 10% — “the unauthorised use of a payment card when the cardholder does not physically present the card at the time of the transaction.”3
Prevention is better than cure
As the saying goes ‘Prevention is better than cure’ and it’s clear that’s part of the Governments plans within the strategy – to prevent attacks before they happen.
Three key areas were announced in the Cyber Security Strategy, Defend, Deter and Develop – with the first emphasis being on ensuring the UK has the systems in place to defend against threats and become resilient to attacks in the future.
Significant investment will go towards the deterrence of persistent attackers, by the recruitment of cyber crime specialists and strengthened law enforcement.
There will also be substantial funding going towards the development of cyber security for the future, as well as investment in students and experts in the relevant fields.
What can you do in the meantime?
Cyber attackers and computer hackers are clever and are continuously finding new ways to out-smart their victims. Quite often SME owners are too busy tending to the day-to-day needs of their business to notice any suspicious activity, meaning attacks can go unnoticed for days.
The Government’s investment in cyber security will be great for the economy and the SME community when implemented, however this is a five-year scheme and it is likely to take time to see any improvements, but what can you do in the short term to help protect yourself and your business?
Getting the basics right is the advice of gov.uk:4
- Download software updates Most software updates include vital security upgrades to help your business and devices stay safe and secure.
- Use strong passwords Try to use a mixture of upper case and lower case letters, plus numbers, symbols and multiple words all help to increase the password strength. Also remember to change passwords regularly.
- Delete suspicious emails If it looks suspicious, delete it – certainly don’t click on any links as these often contain viruses.
- Use anti-virus software Install anti-virus on all PCs, laptops, tablets and phones, it will help detect and delete any malicious software trying to infect your device.
- Train your staff Ensure your staff understand cyber threats and the processes in place to deal with them.