It’s a routine Friday morning in the office and it comes as a shock to see blood red text suddenly invading your computer screen. The anonymous author is demanding $300 in bitcoin to decrypt your files. It’s not the best timing but $300 seems manageable enough. You get on the phone to your IT department and the panic starts to set in when you realise that the firm’s entire operating system is infected. The systems might be down for a day or longer. It’s going to be ugly.
Sound like a nightmare? It was a reality for many businesses. On 12th of May 2017 a strain of ransomware called WannaCry spread around the world, infecting hundreds of thousands of targets, from SMEs to government organisations to large corporates. It was a vicious virus and cost millions in ransom payments, lost productivity and loss of reputation.
The good news is that with a few precautions you can drastically reduce your cyber risk. More on that later. But first let’s get a reality check: the chances of a cyber-attack happening to a small business are low … right? Wrong.
Nearly half of all cyber-attacks target small businesses
Hackers love small businesses. Why? Most owners don’t realise that they’re at risk of cyber-attacks. Many small businesses don’t adequately invest in cybersecurity software such as spam filters, anti-virus protection or firewalls. Many of their staff don’t understand how to detect cyber risks or what to do when under attack. Ill-prepared small businesses are low-hanging fruit for hackers.
Everyone is vulnerable
It doesn’t matter whether you are big or small, you are at risk. We rely on a connected world from online banking to electronic invoicing. If your business uses the internet, there is someone out there that knows how to scam you.
The cost of failure can be crippling
Cybercrime costs businesses billions of dollars globally every year. The impact for small and medium businesses can be devastating. Just a few of the costs your business could suffer are:
- Ransomware payments
- Stolen income
- Stolen intellectual property
- Brand and reputational damage
- Operational downtime / lost trading
- Fines and penalties
- Compensation for customers
How do I protect my business from cybercrime?
Protecting yourself and your business from cybercrime is not as hard as it sounds. With a few basic actions and without great cost (especially compared to the alternative) you can minimise your risk significantly. These are:
- Educate and train your staff on how to spot scams and hacks and what processes to follow
- Keep your software up to date (anti-virus, spam filters, firewalls and also operating systems and apps)
- Back up your data
- Have a response plan for managing cyber-attacks or cybercrime
- Take out cyber insurance. Protective software and staff training minimise the risk but if you’re caught out then insurance will mean the cybercrime doesn’t kill off your business
How can you reduce your cyber risk and reduce insurance premiums?
With Dacreed's powerful online compliance training you can train managers and staff on cyber risks. Once completed, you'll be able to demonstrate a lower risk profile to our partner insurers and get lower premiums – saving you and your business money.