Ian Cass on small business and cyber security

Problems with cyber breaches are not only confined to big businesses, they can also affect small businesses. All businesses regardless of their size rely on technology-based systems. Sole traders and micro businesses may have a single desktop or laptop computer. Small and medium sized businesses may have introduced integrated systems with more than one computer, a shared CRM system or perhaps even outsourced to cloud based storage systems.

In this post GDPR world we live in, it is important to remember that all businesses only have 72 hours to report cyber breaches, or they could be faced with regulators and potentially heavy fines.

It’s easy for many of us to say “It won’t happen to us” but some breaches are not always criminal attacks on big businesses that we see widely reported in the media.

As business owners we need to be aware of all possible threats and not just the obvious attacks for criminal gain. Some breaches can be random, malicious attacks by hackers, some are caused by system problems as well as simple human error by your own employees or third-party contractors. On occasions you may have a disgruntled member of staff or third-party supplier causing nuisance.

The problems caused by such data breaches are serious and can have the following consequences:

1. Business Interruption

If you are a owner operator, the main impact is the time it takes you to investigate and rectify the breach. There is also a potential financial cost, as we are not all tech experts and may need external support to resolve the issue.

2. Reputational Damage

Having to explain the breach to customers is embarrassing and diminishes the trust you have built with customers and suppliers over time. It is also valuable time that you should be spending to grow and develop your business, instead of  having to do damage control.

3. Misuse of Customer Information

If customers are impacted by a flood of malicious, criminal or nuisance e-mails/phone calls due to a breach of your systems, they are imposed with unnecessary time and monetary costs, with your problem becoming their problem – they won’t be happy!

4. Data or Software Damage

If your systems and software are damaged there is a cost to repair and replace these items.

5. Extortion

You become open to criminal activity, “We have disabled your systems and we can get it and running quickly if you pay us!” OUCH!

6. Dealing with Regulators and Potential Fines

If you have got it wrong regulators may get involved and this can be very time consuming. If you have got things deliberately wrong, you could also be hit with a sizeable fine.

7. Loss of Intellectual Properties

If you have a small business with an intellectual advantage over your competitors, a breach will mean your advantage is no longer, and competitors will be exposed to your advantages.

So, what can small business owners do about the threat of cyber breaches? Well the first and easiest thing to do is ask yourself the simple following questions, with “What If?” being the best one!

  • “What if my systems stopped working, could I continue to do business?”
  • “Do I back up my system at the end of every day or week, depending on my own circumstances?”
  • “What if a member of my staff decided to take data for malicious reasons?”
  •  “Can I limit access to specific data?”
  • “Should I remove the ability for staff to download information on to memory sticks?”

By asking yourself the right questions to highlight potential risks, you can start planning how to eliminate risks to you and your business. By backing up your data and taking a long hard look at your internal risks you can dramatically reduce the chance of being victim to cyber breaches.

 

 

Leave a Reply

Required fields are marked *