“One third of Irish companies have been targeted by cyber attacks in the last two years” (PWC)
It is important to remember that such attacks are only increasing in both complexity and frequency leading up to €1.7 million in losses to Irish firms in 2016 alone.
What are the biggest cyber security threats that face SMEs?
“Ransomware is probably the biggest threat, as many companies are probably not prepared for the impact that it can have. There’s nothing quite so stomach-churning as discovering that all the backups had failed many months ago and that there’s no way of restoring this data.”
Vince Warrington , Protective Intelligence
“The first was distributed denial of service (DDoS) attacks, the second was data breaches, while now we’re seeing an increase in malware and smart intelligent attacks, of which ransomware is part.”
We’ve seen the threat change from isolated to combined attacks that involve both phishing. We’re also seeing more attacks targeted on high-value individuals, such as board members and IT staff.
Mark Skilton, Warwick Business School
To what extent are employees to blame for the success of attacks?
“There’s a role for the organisation itself to prioritise cyber security, both in terms of the technical solutions that it puts in place, and staff and customer education programmes.
“We need organisations of all sizes to move away from the ‘It won’t happen to me’ mindset, because all organisations are at risk. They must also ensure that good cyber hygiene is second nature.”
Jennifer Shiels, UK Home Office’s Cyber Aware Campaign
Where’s best to start when it comes to putting a security strategy in place?
“First, SMEs should secure their network via a good firewall or unified threat management (UTM). This is an advanced firewall that also restricts dangerous websites, stops malicious emails, prevents network exploits and more.
“Second, protect your business from malware and hackers by using strong next-generation anti-malware product. Finally, control access to your IT – restrict access where necessary.
“Encrypt devices where they contain sensitive information. This ensures that if a device is lost or stolen, the data that it contains can still be kept secure. But make sure you use a management tool that can prove that they were encrypted if lost.
“For mobile devices you might want to consider a mobile device management solution.”
John Shaw, vice president, product management, Sophos
How can SMEs keep on top of new threats, given that budgets are often tight?
“Remember that effective security controls could already be built into products. For example, the Windows operating system has a lot of security baked in – it’s just a matter of managing it.”
“Also, apply the appropriate restrictions to [to certain users] and remember to install the latest security patches. Staying up to date on these can help stop a large majority of cyber threats and could have prevented the chaos caused by WannaCry.”
Mr Shaw, Sophos
What are top cyber security tips for SMEs?
Constantly updating your systems software and hardware is the only way. Hackers don’t stop innovating, yet many businesses still run the same security tools as they did 10 years ago.
The hygiene basics, such as updating software and operating system patches, are too often seen as an irritant, rather than a necessity.
- Don’t get lured by lucrative online offers
- Use the best Antivirus available
- Keep changing your passwords for emails as well as social networking sites – an excellent resource for this is password management
- Avoid monetary transactions on public computers
- Configure your PC properly
- Choose websites that ask you for double verification
For more information on this read GDPR issues for Small Businesses and Top Tips to buying online in a safe and secure way.
Also Cyber Expo Ireland is set to take place 29th November in Dublin 2017.