Reliance on the Internet means that all modern businesses face the threat of hacking and cyber crime. Even if you don't sell products or take payments online, use of email, holding customer information in digital formats and use of accounting software carries risk. Smaller businesses are particularly vulnerable to cyber crime, as they often lack IT expertise and resources.
Suffering a cyber attack can be devastating. As well disruption to trade if IT systems are out of action, companies also face loss of reputation and potential fines from regulators. Cyber criminals are constantly developing new methods for breaching security systems, and an understanding of the risks is essential.
Human error is one of the most causes common of an online security breach. No business can be totally secure against hackers and online fraudsters, but the majority of attacks can be avoided by basic prevention methods and good practices. The following are common mistakes business owners make with cyber security.
- Not having foundations in place.
Antivirus software and a firewall are the foundations of cyber security. Connecting to the Internet without these leaves the door open to hackers. It's not simply a case of installing security software and leaving it to run in the background. Scans and updates must be run in accordance with the manufacturer's instructions, and an active approach should be taken.
- Taking sole responsibility.
Responsibility for the online security in a business must be shared, and all staff have a role to play. A simple mistake by one person could cause problems for the whole company. All staff must understand the risks of opening attachments in emails, visiting social media and gaming sites on company IT equipment and not using secure password protections. Business owners should give clear direction on the issues of cyber security, but can't prevent attacks by their own actions.
- Thinking they are too small to be a victim.
Most of the reported cases of cyber crime involve attacks against large corporations, but thousands of small enterprises become victims every day. Small businesses are considered to be soft targets by cyber criminals, and their defenses are generally easier to beat. Hackers often operate as organized criminal networks carrying out large numbers of attacks at a time.
- Not securing wi-fi networks.
Accessing the Internet via wi-fi networks is a convenient way to connect, but it carries risk if you don't follow security advice. There are many ways to hack a wi-fi network, and some are surprisingly easy. Once a cyber criminal gains access, he may be able to download data from your systems or crack passwords. Using WPA encryption is the easiest way to secure a wi-fi network. Follow the instructions supplied with routers to ensure you activate all protections available.
- Not understanding cyber criminals' motives.
It's common to assume that hackers are bored teenagers working from their bedrooms. The majority of cyber attacks against businesses are actually committed by organized gangs. Many are based in China or Europe, and they share intelligence and resources to find companies to target. Cyber criminals are generally motivated by profits, and this is why use of ransomware has escalated in recent years. Terrorists are increasingly turning to digital crime to fund their activities.
Understanding how cyber criminals work and they methods they use to breach security systems helps to reduce the risk of becoming a victim. As we all as taking steps to prevent cyber attacks, business owners should have a recovery plan in case the worst happens.