To celebrate the fact that today is European Privacy and Data Protection Day, Manchester-based hosting company UKFast brought together a panel of cyber security experts to share their expertise and offer their advice to SMEs.
The top tips are:
Don’t ignore it, seek advice: Ross Keeping, technology expert at UKFast, said: “Cyber security is either seen as not very glamorous or just plain confusing. Business owners need to treat it in the same way that they would financial or legal issues and seek advice to find the best ways to stay secure and reduce the threats that their businesses face.”
Test and test again: Stuart Coulson, director for data centres at security firm Secarma, said: “This year cybersecurity needs to be at the forefront of every business owner’s mind. You should be testing for any vulnerabilities within your systems, fixing any holes and testing them again. This should be a regular process. Only then can businesses say that they are secure.”
Develop a risk register: Tony Dyhouse, cyber security director at ICT Knowledge Transfer Network, said: “SMEs in the UK are extremely rich in intellectual property (IP) but their knowledge on cybersecurity spans the whole range – some make well-informed judgements, other do not.
“I would strongly advise SMEs to develop a ‘risk register’ that summarises their business assets and the threats that they may face.
“This way, business owners can make an informed choice about the risks they take – making an informed choice in the threats that are protected against and the risks that are taken is the key.”
Invest in staff training: Craig Lawson, computer forensics expert, said: “Many small businesses do not have the appropriate skills in-house that are needed to stay fully secure online. I would advise these business owners to invest in staff training to equip the internal IT team with this skill set, or use a specialist company to fully secure your IT operations for you.”
Create an IT security checklist at work: David Cook, specialist cyber security solicitor at Pannone, said on preventing internal threats: “Train all of your staff and have an IT policy checklist that employees must stick to. This will reduce the risk of team members viewing inappropriate content, sharing confidential information or downloading malicious software that can affect your system or network.”