You_have_been_hacked_messageIt’s not the first time we have touched on this subject in our blog, but I think it is such an increasing threat to your business that the subject warrants an update.

According to the FSB (Federation of Small Businesses, The Voice July/August 2014), fewer small businesses are experiencing information security breaches and cyber attacks than a year ago, however the cost of dealing with incidents has increased significantly (research carried out by PricewaterhouseCoopers).

The research found that 60% of small firms experienced a security breach in 2013, compared to 64% in 2012. The average cost of the worst security breach they experienced in 2013 was between £65,000 and £115,000, compared to £35,000 and £65,000 in 2012.

The department for business (BIS) has published new guidance to help small and medium sized firms protect themselves against online threats. To read more about the scheme visit www.gov.uk/government/uploads/system/uploads/attachment_data/file/317482/Cyber_Essentials_Assurance_Framework.pdf


Protecting your business from Cyber crime and information theft

ISO 27001
An alternative route is to the BIS scheme is to achieve the International standard ISO 27001.
This is an Information Security Management System (ISMS) that is auditable to international standards and provides a structure to help you improve the security of your information.

You should always use a trusted certification body, which is UKAS accredited.

Cyber risk insurance
For ultimate peace of mind, you may want to consider taking out an insurance policy in case the worst happens. In view of the high costs involved in recovering from a breach, you can now mitigate the financial impact by taking out insurance that covers a variety of expenses including; IT support, adverse publicity, legal implications and financial loss.

A good commercial insurance broker will be able to help you with this.

IT support
Regardless of whether you have implemented management systems to limit your risks or taken out insurance to recover your costs, you are going to need some expert advice and support to strengthen your security and help you with damage limitation. You will need to identify where and how the breach was made, what damage was done and help to get your systems up and running again as fast as possible. You will also need to look at preventing a further breach.

To discuss the best way to protect your business from the effects of cyber crime or for contact details of local providers who can help you, please call one of our team on 01584 890725.

 
 

24th July 2013
cyber-attackCyber attacks are on the increase according to a government survey*:
  • 87% of SMEs suffered security breaches last year
  • 10% up on last year
  • The average number of breaches for small organisations was 17
  • Cost for small businesses for the worst breach was between £35,000 and £65,000
Many businesses do not have an information security management system in place and rely on the vigilance of their staff to keep the company‘s information assets safe and virus free.

There are many areas to consider, for example:
  • Anti-virus anti-spam firewalls
  • Security updates on software
  • Password policy
  • Wireless network security
  • Staff training
  • Back-up plans
One of the most regular services our IT support team has to carry out is for virus removal from PC’s that are infected via email or the internet. This also highlights any holes in back-up and recovery plans when we have to reinstate information and files that have been corrupted.

International standard ISO 27001
There is an Information Security Management System (ISMS) that is auditable to international standards that will provide structure and control to help you improve the security of your information.

By implementing a robust management system that is audited every year you can minimise risk and make sure you can recover quickly from any security breach. It also demonstrates to your clients that you have a policy in place that will protect their information and ensure continuity of business if an incident occurs.

You should always use a trusted certification body, which is UKAS accredited.

For more information on cyber crime and protection, call one of our team on 01584 890725.

*Read the survey here https://www.gov.uk/government/publications/information-security-breaches-survey-2013-technical-report

Mark Langston

Click to Sign Up to our email newsletter and receive our "Guide to web design and online marketing".

Get some useful tips to help improve and promote your website and increase conversion rates.