Cybersecurity has become a hot topic in recent times following some high profile cyber-attacks with major economic and reputational ramifications on businesses.
I was very fortunate recently to host a podcast with Peter Maynard from CyberMetrix, an expert in the field. We discussed this impact of cyber risks and security, particularly on small to medium-sized businesses.
Peter highlighted the biggest myth out there is that this is seen as a technology issue which can be solved technically. For the most part, the IT controls in place are relatively well-managed, but it’s the people element that leaves many organisations most exposed.
SME business owners are focused on the day-to-day running of their business. It’s acknowledged that resources are limited and dealing proactively in terms of cyber risk management is not realistic. So, there are a few key take-aways from the podcast I’d like to share that can seriously benefit SMEs in this area:
- Provide security awareness training to staff and build their understanding of social engineering. By equipping staff with valuable knowledge in this area, businesses can significantly reduce their risk of cyber incidents.
- Develop a simple, one-page incident response plan. A business owner is very capable of dealing with incidents, with a lot of information stored in their heads. What if the owner is unavailable when the incident takes place? Key staff should have access to this document to know step-by-step how to tackle the issue.
- Identify your most valuable digital assets, typically email and any systems that contain financial and customer information. These MUST be protected using multi-factor authentication which is not costly to implement.
To find out more, listen to the full episode on our Digital Economy Hub here.