As a business owner, you might have seen reports of cyber attacks in the news or see social media accounts being ‘hacked’ and think that your business is not big enough, doesn’t make enough money or is not online so isn’t able to be attacked.

Sadly, these are very dangerous misconceptions and the consequences for your business could be costly, both financially and reputationally.

The latest UK government cyber breaches survey reports that in the last 12 months:

• 50% of small UK business were hit by a cyber attack or cyber breach

• 70% of medium and 74% of large were hit by a cyber attack or cyber breach

• 32% of charities were hit by a cyber attack or cyber breach

It’s estimated that the single most disruptive breach from the last 12 months cost each business, of any size, an average of approximately £1,205.

How could my business be at risk from similar attacks?

Small businesses, in particular, are increasingly becoming targets for cyber criminals due to their perceived vulnerability and lack of robust security measures in place.

It is important to understand that investing in cyber security is not just an option but a necessity in today's digital landscape. Implementing proactive measures to safeguard your business data and sensitive information is crucial to protect your operations and maintain the trust of your customers.

We have compiled ten steps to take to prevent cybercrime methods and attacks:

1. Use a Password Manager to keep track of your passwords - don't write them down on post-it notes!

2. If you receive a scam email or text message, don't click any links or attachments if you’re unsure that it is genuine. Clicking a link in a phishing email could download viruses onto your computer, or steal personal information. Send them to the Suspicious Email Reporting Service: report@phishing.gov.uk and forward any suspicious text messages to 7726.

3. If you purchase any new devices this month, don't forget to install the latest updates and patches. Installing the latest updates can stop criminals from exploiting faults in old systems or software.

4. When you use different passwords for your important accounts, it can be hard to remember them all. A good way to create strong, memorable passwords is by using 3 random words. (For example; purplehollypudding71!).

5. Avoid giving hackers the toolkit to attack your website, make sure you have a website firewall installed, update your CMS and control access management.

6. When creating backups, keep them separate, in a different location from your network and systems, or in the cloud.

7. When you're out shopping use mobile data or hotspot devices instead of public Wi-Fi where possible.

8. Keep your social media accounts secure by making sure you know which staff members have access and which devices are signed into each account.

9. Two-step verification (2SV) ensures that any new device trying to log in or make account changes needs a second layer of security before access is given. 2FA includes single-use codes being sent via SMS, email, phone, or smartphone application.

10. Download the NCSC's Cyber Security Guide for Small Businesses for an overview of the basics.

Need further support? The South East Cyber Resilience Centre can assist you with additional options:

The South East Cyber Resilience Centre (SECRC) itself is a small business which has been set up as a police-private sector-academia partnership, with the simple aim of raising cyber resilience across the South East region. Whilst cyber security can be complex and costly, the SECRC offers a free membership option which helps you understand some of the risks from cybercrime, but also offering support and guidance to businesses in the region.

By taking proactive steps to strengthen your cyber security defences, you can significantly reduce the risk of falling victim to a cyber attack and protect your business from potential harm.

If you have any questions or need further guidance on improving your small business cyber security, please do not hesitate to reach out. Remember, when it comes to cyber security, prevention is always better than cure.

Learn more: https://www.secrc.police.uk/free-information-pack