Top 3 Cybersecurity tips for small businesses

Small businesses don’t need cybersecurity tips?

Over recent times, high profile cyber attacks on companies such as Sony have helped raise awareness of the rapidly growing threats posed by cybercrime. However, recent surveys conducted by Symanetic and other cyber-security organisations showed that many small business owners are STILL operating under a false sense of security and ignoring cyber security tips.

The statistics taken from these studies are pretty disturbing. The majority of small businesses lack a formal internet security policy for employees. On top of this, only around 50% of companies have rudimentary cybersecurity measures in place! Furthermore, only about a quarter of small business owners have had an outside party test their computer systems to ensure they are ‘hacker proof’ whilst nearly 40% do not have their data backed up in more than one location.

These are all common precautions you would expect would be taken, right? What about creating and changing complicated passwords on a regular basis? Small business are failing to do even these simple things.

Maybe the task of implementing so many measures is too daunting? This is why we’ve split our cybersecurity tips into three small, simple, basic steps which make it easy for small businesses to use.

1. Don’t Equate Small with Safe

Despite significant cybersecurity exposures, 85% of small business owners believe their company is safe from hackers, viruses, malware and data breaches. This disconnect is largely due to a widespread belief that small businesses are unlikely targets for cyber-attacks. In reality, data thieves are simply looking for the path of least resistance.

Symantec’s study found that 40% of attacks are against organisations with fewer than 500 employees.

Where are these attacks come from?

Outside sources like hackers aren’t the only way in which your company can be attacked. Often smaller companies have a ‘family-like’ atmosphere and put almost too much trust in their employees. This can, unfortunately, lead to complacency which is exactly what a disgruntled member of staff needs to execute an attack on the business.

According to the 2013 Information Security Breaches Survey released by the Department for Business, Innovation, and Skills (BIS), 65% of small businesses were attacked by an unauthorised outsider in the past year. The survey also found that nearly 50% of the worst breaches were caused by an inadvertent human error.


2. Be Vigilant

More often than not, employees can be the weakest link in YOUR companies security chain. However, if you are able to educate your employees on the risks posed by cyber attacks, they can, in fact, become your strongest assets. The exploitation of employees such as convincing them to open an infected email or file is a common cause of cyber breaches. Employees should be aware of the common tactics used by hackers such as phishing and social engineering.

First of all, make sure your company policy highlights exactly what is and is not acceptable behavior. By using this as a base; you can then provide cybersecurity training which you deem to be appropriate from then on. This could be as simple as showing employees what a phishing email looks like or explaining how your companies spam filter operates.

Vigilance is key to protecting your business from cyber security breaches. For example; employees should make good practice of locking computers when leaving their desks or putting any USB devices in a locked drawer when they are not in operation. Moreover, any unnecessary documents, sensitive or not, should be shredded and disposed of securely.

Finally, it is certainly worth considering partaking in cybersecurity accreditations to show your customers that the company does take cyber security seriously.

A well-known course which most small businesses should partake in would be Cyber Essentials or Cyber Essentials plus.


3. Software Updates are key

Nowadays businesses tend to run most of their operations via computers. In doing so, they are also granting access for various different software to be installed and then run on company computers. Unfortunately, with each piece of software that you authorise to run on your computer, your business is at increased risks of being vulnerable to a cyber attack.

You might be wondering why installing software poses a risk to your business?

Despite the best efforts of developers, it is not possible to create perfectly secure software. This means software must be patched and maintained to ensure it remains protected as new flaws and vulnerabilities are found. It is recommended to set software to update automatically if possible. If you cannot do this, set up a schedule or a reminder to that you do update any software as soon as possible.

In addition to this, it is important that when setting up a new device that you remove any unnecessary pre-installed software. This can stop you forgetting to update any software that you do not need/use and in turn, increase device security.

A working example;

When the wannacry ransomware attack first appeared, windows tried to protect their computers by issuing a patch for their users. However, many people did not complete the updates and thus found themselves subject to an extremely dangerous cyber breach.

It is certainly worth keeping a close eye on the windows security patch section of their website in order to make sure you are keeping your company safe.


Attacks Could Destroy Your Business;

As larger the larger companies continue to get serious about their data security, small businesses are becoming increasingly attractive targets; and the results are devastating.

The cost of an individual security breach can vary. This really depends on the type of data compromised and the amount of data which is stolen. However, cyber attacks can cost hundreds of thousands of pounds.

How many small businesses do you know with mega money sitting, waiting to be spent? Make sure you are following the recommended cybersecurity tips, you could potentially save your business huge amounts of money,

Furthermore, Businesses are required to keep personal and sensitive data safe in order to comply with Data Protection and GDPR. Violations of these acts could result in substantial sanctions. Unfortunately, many businesses continue to put off making necessary improvements to their cybersecurity protocols. Don’t leave it too late to protect your business.



Using our cybersecurity tips will prove to be extremely useful for you and your company IF they are implemented correctly. Such simple measures could save your company an abundance of money.

Ransomware, infected machines and failing to comply with data protection and GDPR can and will prove extremely costly for your company.

Makes sure your business is implementing these key measures to ensure your business is safe online. CyberBee Insurance cover is the correct option for your business AFTER all security implements are in place. We consider it to be the final line of defence.



Leave a Reply

Your e-mail address will not be published. Required fields are marked *

Stay current with the latest news

Cyber Risks. Business Protection. Secure Customers.

The Knowledge Hive

Sign up below to receive new updates

Back to top