Many small business owners think all they need to do when it comes to cybersecurity is to install an anti-virus package on their PC’s. And, of course, security software is essential.

Cybercriminals are constantly looking at ways of getting into your systems, and they’ll exploit any vulnerability. But just doing the minimum is like putting an armed guard on your front doorstep and then leaving the back door unlocked. With Ransomware and emailed threats rising daily, now is the time to act.

Risks include:

  • Old hardware or software
  • Unpatched or unsupported operating systems (e.g. Windows or macOS)
  • Not changing default passwords on your internet router
  • Poorly secured remote access – often with weak passwords
  • Allowing a staff member to use a computer for routine tasks while their login has “admin” user rights.
  • Staff untrained in the risks of cybercrime in areas like Phishing and social engineering.
  • …and many more.

But the good news is that you can deal with and mitigate the above risks. Use this as an opportunity to show customers how serious you are about cybersecurity, how you are protecting their data, and why they should do business with you and not your competitors.

Here in the UK, businesses like yours have the opportunity to become Cyber Essentials Certified, an independently verified self-assessment that proves you’re serious about cybersecurity. Issued in association with the UK’s National Cyber Security Centre, assessors will look at all the risk areas of your business and whether you are compliant in each of those areas.

Cyber Essentials can help your organisation in many ways:

  • Reassure customers that you take cybersecurity seriously
  • Be listed on the Directory of organisations awarded Cyber Essentials
  • Attract new business with the assurance that you have cybersecurity measures in place

In addition, most companies that get certified will also get free cyber-insurance, giving you as the business owner peace of mind that, should the worst happen, you won’t be left on your own.

Even running through the assessment questions, available for free, will give you a helicopter view of your business cyber-risk profile. So even if you don’t go ahead with the appraisal, downloading the free question list from IASME, the UK’s certification body, is a worthwhile exercise.

If you’ve never taken steps to look at your cybersecurity, you’ll need to take steps to bring your business into compliance before taking the assessment. There are many questions in the assessment, some technical, and unless you are well-versed in technology and cybersecurity, they could be daunting. That’s where a Cyber Essentials specialist, in conjunction with your IT Support Company, will help out.

At the time of writing, Cyber Essentials Certification costs just £300+VAT, and each assessment is valid for 12 months. And if you plan on marketing your business services to any public body, government, healthcare or emergency service, certification is a requirement.

If you have any questions about Cyber Essentials, Cyber Security or how to get your business ready for assessment, do feel free to connect with me here or email me, darrin@thetechnologiesgroup.com

Edit: If you’re seriously looking into this now, do please check out my article on cyber-insurance. https://cybersecure.business/how-to-protect-yourself-if-it-all-goes-wrong/

The Technologies Group is an award-winning IT Support business with a focus on cybersecurity. You can find our latest on-demand webinar, “Protecting your business reputation”, here. It’s mandatory viewing for both business owners and your entire team, details the risks and how to mitigate them, all in plain English.

(This article first appeared on our LinkedIn Blog: https://www.linkedin.com/pulse/its-time-get-serious-cybersecurity-darrin-salt/)