Why small businesses should care about cybersecurity

Written byBen Rose
Updated 8th August 2016

After witnessing the fall-out of high profile data breaches, such as Ashley Madison and Talk Talk, the issue has been brought to the forefront of the world's attention. And while it might be the big brands that hit the headlines, it isn't just large organisations who are targets of these kinds of attacks.

There was a time small businesses were at a lower risk, with most of their data held on their premises and with security gateways firmly controlled. But things have now changed, with the introduction of cloud services along with increasingly sophisticated cyber criminals and malware, meaning no one is safe.

Digital Risks is often challenged by founders of small businesses as to why they should be concerned about cybersecurity, assuming their operations are either too small or their data is not theft-worthy. Unfortunately, that couldn't be more wrong.

So what exactly makes you a target?


You're too busy and hackers know it

Running a small business can be stressful. With long days and sleepless nights, who has time to think about data security? Let's face it, you have a lot on your plate and you haven't spent much time making sure you're protected.

Unlike large organisations who have the budget to hire an entire law and compliance department, you probably don't have any dedicated legal expertise internally. As a result, you may be overlooking your responsibilities around handling data.

Your data grows with you

It can be easy to lose track of the amount of data you've generated over time. Your customer database may have been small in the early stages but before you know it, you've met over a thousand potential clients and your CRM is full to capacity.

Leaky internet

Chances are you have freelancers or remote workers accessing your systems from a local coffee shop or a co-working space. If that's the case and there's no secure Wi-Fi connection, hackers can easily steal your data.

Your data is an entry point to the big guys

It's a common misconception that hackers won't be interested in attacking a business with little money or data. And while they probably don't care about the £80 order you took yesterday, your unprotected systems could give them a 'back door' into larger clients or suppliers, which is exactly what they're after.

Every website is a target

Hackers have a lot of time on their hands to spend trawling the internet in search of websites with vulnerabilities. If your VPS (Virtual Private Server) is compromised it can be used to fire out thousands of spam email, potentially blacklisting your IP address and costing thousands to repair. Check out this real-time hacking map to give you an idea of the number of attacks happening right now.

businessman with paper standing in night office

What next?

Now you understand how and why you may be vulnerable, it's time to be proactive and take the appropriate measures to protect your business.

  1. Install security software on your company website and keep all its scripts up to date

  2. Clear your cookies on a regular basis

  3. Educate employees on the value of cyber security and the importance of reporting anything suspicious

  4. Encrypt your smartphone

  5. Use a different password for each site that you use, using a password manager to maximise security

  6. Get a virtual private network that can protect multiple devices

  7. Avoid clicking links found in suspicious emails, even from business contacts

  8. Ensure employees aren't accessing sensitive data whilst connected to public Wi-Fi networks.

  9. Never save passwords and credit card details in your browser

  10. And last but definitely not least, have cyber insurance cover in place

Unfortunately, even with these prevention methods, you are never completely safe and all businesses, large and small, must now accept that cyber-attacks are inevitable. A data breach can cause extreme financial and reputational damage, that could even be the downfall of a start-up or small business.

The Information Commissioner's Office can impose a penalty of up to £500,000 if your business fails to comply with the Data Protection Act and, from the consumer perspective, data breach incidents are also a violation of their trust and privacy. That's why our cyber liability insurance covers you for any fines or penalties, extortion, system rectification costs, PR expenses and financial loss from downtime, following the event of a data breach.

It's only a matter of time before you're a target, so be prepared. Click here for a quote today!

5 Password tips for better SME security

Share this article

Related Posts

21st June 2019
1  minute read

Top 5 benefits of data privacy for startups

Startups are not immune to the threat of data breaches and have a responsibility to protect their customers’ data. That’s why startups need to intensify their efforts to gain their trust.

19th June 2019
1  minute read

The biggest cybersecurity threats of 2019

As cyber-crime becomes more common-place, all businesses – even small ones – need to be prepared.

23rd May 2019
1  minute read

Why is cybersecurity important?

Investing in cybersecurity technology, processes and training is vital for a small business. Here's why.