News

Ten tips to protect your business from cyber crime

16/02/2012

Bluefin Insurance Services is advising SMEs on safeguarding their business from the growing threat of cyber crime which is costing the UK around £21billion a year.

1. Cyber crooks are increasingly targeting small businesses which lack the security expertise, data protection and response tools that large companies have at their disposal, with 77 percent of businesses suffering some form of breach in a single year.* Many traditional insurance policies have failed to keep pace with the growth of virtual crime so the first step is to examine your current insurance policies and consider whether specialist cover is required.
2. SMEs may be tempted to cut back on anti-virus software to make savings, however with businesses increasingly relying on email and the internet, the potential damage from malicious 'cyber' attacks has risen dramatically. Review IT systems and ensure anti-virus software is updated regularly - it will be worth the investment.
3. Conduct a cyber crime risk assessment to identify weak points in security. Most SMEs do not have the resources to continuously monitor for breaches, so tightening up processes before a cyber attack happens will save time and money. 
4. Similarly, the majority of SMEs don't have an in-house lawyer or IT specialist to fall back on so it's important to provide all employees (and yourself) with training to highlight ways to improve data security as it will be them (and you) in the firing line if things go wrong.
5. Many companies hold personal information of their clients and disclosure of this through hacking or lost laptops may breach data protection law, resulting in costly legal action. So even if your business is under pressure, make time to prioritise cyber crime and ensure your employees are aware of their responsibility to protect client data.
6. The Cabinet Office report* identifies businesses in IP intensive industries (such as pharmaceuticals and manufacturing) as being most at risk of cyber crime. Businesses in these fields should consider taking out extra protection.
7. Many SMEs do not upgrade their computer systems as often as bigger businesses, leaving them even more vulnerable to a cyber attack. It's worth investing in up-to-date machines with better security as the initial outlay will be far less than the cost to your business in the event of a security breach.
8. Cloud computing has become an increasingly mainstream feature of many businesses, however SMEs must ensure they have a clear understanding of the risks and potential liabilities involved.
9. It's worth researching which insurer will best serve your needs as there are policies available to suit particular areas such as breach of network security; privacy liability; crisis management to mitigate reputational harm; and cyber extortion.
10. The MoJ has authorised the Information Commissioners Office (ICO) to levy fines up to £500,000 for losing customer data - something that SMEs working to much tighter budgets than bigger businesses should bear in mind.

*Source - The Cost of Cyber Crime - Cabinet Office/Detica - February 2011
http://www.cabinetoffice.gov.uk/sites/default/files/resources/THE-COST-OF-CYBER-CRIME-SUMMARY-FINAL.pdf

> back