The perception that cybersecurity is an increasing challenge for businesses is now more pervasive than ever before.
The challenge for businesses is how they respond to this issue.
According to a recent º£½ÇÊÓƵ cyber security breaches survey, around 75 per cent of organisations say cyber security is a priority - and yet only 36 per cent have a security policy in place and around 31 per cent have conducted a cyber risk assessment in the last 12 months.
READ MORE: {}
Dr Daniel Prince, senior lecturer in security and protection science at Lancaster University, maintains that there's a need to turn "awareness into action" within the business community.
He explained: "The business community needs to support each other to overcome this gap and empower businesses to act.
"In part, this is about education in what to do, but also this must be about integrating cyber security practice into everyday business practice.
"Digital technology is integral to all business in some way, therefore cyber security has to be integral to the way businesses operate and develop their culture."
Dr Prince points to the National Cyber Security Centre (NCSC) as an important first resource for anyone looking to protect themselves.
Most Read
He added: "It has been shown by truly adopting the approaches in the Cyber Essentials Scheme, around 80 per cent of all attacks can be prevented."
According to the NCSC’s scheme, the basics are:
Protect your internet connection...
Check the settings on your main business internet connection device to prevent malicious traffic in and out. But also check the firewall settings on your personal devices.
Secure your devices and software...
Change default passwords and choose password that are easy to remember but difficult to guess. Add extra layers of security in the form of two factor authentication for important services, such as banking, social media etc.
Control access to your data and services...
Don’t miss
Think about who can access your data and set the accounts and their permissions accordingly. This also includes thinking about who can run which applications.
Protect yourself from malware...
Every main operating system should run some anti-malware. Ensure you have something running to protect your device from malicious files.
Keep devices and software up to date...
One of the simplest and easiest ways to do this is to make sure updates and patches are consistently installed as well as keeping your antivirus up to date. This feature is built into most operating systems and should be straight forward to do with no technical expertise.
Create a security strategy...
Beyond this simple check list companies need to start thinking about building a security strategy.
A cyber strategy helps to define why you are doing cyber security and from there the business can work out what it needs to do with the resources it has.
When asked whether cybersecurity now affect SMEs and multinationals in equal measure, Dr Prince replied: "Any business using connected internet devices to connect its activities is exposed to the cyber attacks that are discovered every day.
"Larger organisations generally have more connections and so have a bigger attack surface, when compared to smaller businesses.
"This results in larger organisations experiencing more attacks, whether successful or not.
"The challenge is when those attacks are successful.
"For smaller organisations the costs of suffering a successful attack are disproportionately large in comparison to bigger organisations.
"In fact the US National Cyber Security Alliance reported in 2017 that 60% of small business go out of business within six months of a significant cyber breach.
"SMEs need to think about becoming resilient and having cyber security ingrained in their business and operating culture, not just as a check list exercise to comply with regulations.".
Lawrence Jones, CEO of º£½ÇÊÓƵfast, says : "It is absolutely astonishing how many people are leaving their data vulnerable because they are not covering the very basics of cybersecurity.
"Companies like º£½ÇÊÓƵFast and Secarma are here to help with the technical aspects of protecting your business online, through innovative technologies, but there is also so much that you can do yourself alongside this to keep those secure foundations in place.
" The absolute foundation of this is password security. I was astounded to see that ‘password books’ are actually available to buy! Imagine how valuable a list of all of your account passwords is if it got into the wrong hands!
"The same applies to jotting down a password on a post-it note and sticking it to your monitor. We should all know so much better by now!
" However, research released in April this year by the º£½ÇÊÓƵ’s National Cyber Security Centre (NCSC) shows that 123456 is still the most widely used password on accounts that are broken into. The sequence of numbers appeared in more than 23 million passwords analysed in the research.
" The centre’s advice is to use three random words as passwords to make them hard to guess and harder to crack.
"The longer and more complex the password the better. There are so many tools now to suggest strong passwords – most smartphones offer this as a default.
"Equally, there are a multitude of options for two-factor authentication – where there are two steps to log in, a password and a code texted to a phone or generated by another device for example.
When you combine these strong foundations of protecting your log in information, having strong passwords and two-factor authentication, and you put it to the test with services like penetration testing (a team employed to hack into your accounts to find weaknesses and how to strengthen these areas), you’re in a much stronger position to keep your online presence protected."