24 Feb 2016
Can Small Businesses Fly Under the Cyber Risks Radar?
It’s a common response among small businesses. We’re not targets. We’re under the radar of Government Authorities and few if any of our customers or Patients will notice should we somehow lose their personal records.
Identity Theft and Privacy are very serious issues to the public at large.
Your clients, customers or patients are collectively potential victims and claimants, should the confidential records they entrusted to you become lost or stolen.
Worse still, complaints are no longer limited to private one to one phone calls and letters.
Unhappy customers and patients can easily find their way on to the Internet via Social Media platforms (or antisocial media depending on your viewpoint) such as Facebook and Twitter.
It’s easy to see how news of misplaced or stolen electronic records can spread like wildfire and reach the attention of the ICO (Information Commissioners Office).
The ICO has the power to fine you and impose actions and sanctions such as the monitoring of personal records known as PII (personal identifiable information) or PHI (personal health information).
Most if not all Small Businesses are clearly in the range of the Cyber Risks Radar. Protecting your reputation is essential and few SME’s have the skills or resources to manage such an event on their own. The cost of repairing reputations and security systems can be overwhelming without help.
Small businesses are not likely to be targets of sophisticated criminals but can be victims of stealth attacks from automated Malware or Ransomware crawling the Internet 24/7. All businesses are also vulnerable to accidental leaks and insider raids from discontented, greedy, or needy employees…..and former employees.
So there we have it…..No one is under the Cyber Risks radar and risk free and no one should ignore the damage that could be inflicted on their business from a Technology related incident.
What action can small businesses take which is affordable and reasonable?
Well a good start would be to review your Cyber Security by taking the Government endorsed Cyber Essentials test. It doesn’t ask for any private or corporate information and it is informative.
Next it would be a good idea to speak to experts in this field of risk. The Alan Stevenson Partnership has devoted much time to understanding these risks and coming up with practical and affordable insurance solutions.