The initiative will also enable firms to access services from the UK cyber security industry, and help them to adopt Cyber Essentials, a government-backed, industry supported scheme to help organisations protect themselves against common cyber-attacks.
With small businesses still guilty of underestimating how valuable their data is to the global, cybercriminal network, I fully support the initiative and would advise any small business to take advantage of the offer. In the UK, many SMEs are still not investing in appropriate small business security measures - recent government figures suggest SMEs with 100 or more employees spend about £10,000 per year, while the smallest firms spend as little as £200.
It’s clear that more guidance is needed, and with so many resources now available there is no reason not to be better informed. I wonder if this news has prompted you to consider your own cyber security needs and if so, how many of you plan to sign up?
It would be great to see similar schemes rolled out beyond the UK, and I fully expect this will happen as security continues to rise further up the news agenda. For those not eligible for schemes such as this, I would advise you to adhere to the following best practices:
- Educate your staff via in-person training sessions and by providing regularly updated resources on the threats landscape
- Always make sure your customer data is stored in an encrypted database
- Require multiple levels of passwords to access any database storing customer information; and change these passwords frequently
- Regularly run background checks on employees handling customer data
- Make sure to have malware detection software running on both your servers (hosted or not) and workstations and that it, and your operating systems, are regularly patched and updated
- Review and implement the standard network security health check controls
- Make sure your Crisis Management or Disaster Plan (which you should also have) includes a data breach plan
With the volume and scope of small business security threats on the rise, SMEs simply cannot afford to wait and risk becoming the next breach we read about in the morning papers. It’s great to see that government is taking further steps to address the cyber security issues SMBs face, but it’s an issue we all need to address – both as businesses and employees.
For more information on keeping your business safe, visit the AVG Business website.