As the war in Ukraine drags on and sanctions are leaving Russia isolated, Russian hackers are busy attacking Western networks. Cyber criminals have already hacked payrolls belonging to organisations including Boots, British Airways and BBC. Compromised information included banking details, National Insurance numbers and home addresses. In addition, figures show that 48% of small firms and 59% of medium firms identified cyber breaches or attacks over a period of 12 months alone. SME cyber security is more important than ever.
Cyber Action Plan
We’ve already published a helpful article on small business cyber security, as well as others on email security and data theft. One of the key things SMEs need to know is that the National Cyber Security Centre (NCSC) has a remit to help small businesses. One way it does this is via an online publication called Small Business Guide: Cyber Security. This contains lots of useful information, including tips on protecting your organisation from malware, protecting your data and avoiding phishing attacks.
If you haven’t yet read this guide to SME cyber security, we strongly recommend you do so. We’d also recommend visiting the NCSC site to create a free cyber action plan.
Hands-on tools for SME cyber security
The NCSC has an interactive service to help improve SME cyber security. If you visit this page, you can perform a range of simple checks that can identify common vulnerabilities in your public-facing IT. The checks are remote – you can complete them using your browser and you don’t need to install any software.
What are the new SME cyber security checks?
The first check allows you to check whether your IP address and website have any common weaknesses that could let criminals access your networks or devices.
As you can see, the check is very simple. The system automatically detects your IP address (although you can add a different one manually). You can also add your company’s domain, which in our case is thp.co.uk.
(You’ll note that we’ve blanked out our IP address).
When you submit the form, you’ll hopefully get a screen like this. You’ll see that no vulnerabilities were found. You also learn that the system checks for database servers, remote access methods, file shares and administrative interfaces.
Web browser check
The second service that’s available is a web browser check. The more out-of-date your browser is, the more vulnerable it is to hacking. That’s why it’s important to update every browser you use as soon as you can.
All you have to do is visit this link to check your browser. You’ll get a screen that looks like this.
If, like me, you haven’t updated your browser, you’ll get a screen like this one.
Then you’ll get advice on how to update your browser (I’ve done this now). You can also set an email reminder to check your cyber security every 28 days.
Upcoming SME cyber security service
The NCSC also has an ‘Email Security’ service that allows you to check if your email domain has good practice protections in place. It will help you discover how secure your emails are and whether they are hard for criminals to forge.
Summary
SME cyber security is increasingly important. The tools from the NCSC are basic, but they are helpful if you are not an IT expert and want to check the security of your domains, IP addresses and web browsers. We’re interested to see how the new email security check will work.
Given that the average cost of a cyber breach is £11,000, it’s worth paying attention to cyber security. You don’t want to make a hole like that in your accounts!
About Ben Locker
Ben Locker is a copywriter who specialises in business-to-business marketing, writing about everything from software and accountancy to construction and power tools. He co-founded the Professional Copywriters’ Network, the UK’s association for commercial writers, and is named in Direct Marketing Association research as ‘one of the copywriters who copywriters rate’.