The top 3 cyber threats facing UK SMBs and how to protect against them

UK businesses are more likely to only conduct security training after a data breach takes place compared to those in the US or Australia.
Author:
Publish date:
Security

Webroot has unveiled a new report detailing the biggest cybersecurity threats small to medium-sized businesses will face throughout 2018.

The study found that the top 3 threats UK SMBs will face this year are ransomware, phishing and mobile attacks.

Webroot’s repot not only looked at the UK, but also SMBs in the US and Australia. It found that UK businesses are more likely to only conduct security training after a data breach takes place compared to those in the US or Australia.

So, what can UK SMBs do to help further protect themselves against cyberattacks?

“As our study shows, the rise of new attacks is leaving SMBs feeling unprepared. One of the most effective strategies to keep your company safe is with a layered cybersecurity strategy that can secure users and their devices at every stage of an attack, across every possible attack vector,” said Charlie Tomeo, Vice President of Worldwide Business Sales, Webroot.

“And for many businesses, relying on a managed service provider (MSP) when time and expertise aren’t readily available is a crucial step to strengthen their security efforts.”

Webroot has also put together some cybersecurity guidelines specifically for SMBs. They are as follows:

Always Be Educating: With threats continuously evolving, so must employee cybersecurity training. Training during onboarding isn’t enough. Employees need ongoing training to address the latest and most dangerous attacks.

Don’t Forget About Mobile. BYOD is now a reality for many companies. And while everyone wants to be connected, unknown devices brought in by employees also bring in unknown risks to the network. Finding a balance between providing employees corporate access and ensuring information security requires device control policies, device-level security and mobile workforce security training.

Email from My Boss or My Attacker? Phishing is the top attack vector, with cybercriminals becoming sneakier than ever. Even if the sender looks familiar, be sure to check the senders email address is legitimate and don’t click unknown links in social media, email, or text. Regular phishing attack simulations maximize awareness of different phishing methods and minimize the many consequences.

Evaluate Your Risk Profile: Every business has different risk factors. If you don’t have the expertise, an MSP can assess your security posture and work with you to develop a plan for ongoing risk mitigation.

Plan for the Worst: Develop a data breach response plan that includes security experts to call and a communications response plan to notify customers, staff, and the public. Make sure you are regularly backing up your data with hard data and offline versions. Remote computer backup could be vulnerable from ransomware and other threats if not ‘air gapped’. Research by the Better Business Bureau revealed that 50 percent of SMBs would operate at a loss within a month of a total data loss incident.

Related