Cyber security risks persist. Your staff could be key – get them trained!
However, the risks are just as real in small businesses and many cyber criminals don’t use sophisticated technologies – they rely on the actions of the people within those businesses to help them succeed.
A survey which was carried out by one of the leading anti-virus companies, suggests that social engineering attacks represent the most real and immediate threat to the health of small and medium sized business.
Of the business owners surveyed, 24% considered phishing scams as their most significant threat – the highest for any single method of attack, and ahead of ransomware at 19%.
What do these attacks involve?
Social engineering is the use of deception to manipulate people into divulging confidential or personal information that may be used for fraudulent purposes.
Phishing is a type of social engineering which involves emails from fraudsters, purporting to be from reputable sources, with the aim of inducing individuals to reveal information which will allow the fraudsters to extort money.
The impact on your business can include hours of unproductive time, financial loss, data loss and reputational damage.
Examples include the “bogus boss” scam where employees are duped into thinking they are receiving instructions from a senior colleague, leading them to send a payment to a fraudster.
How are businesses responding?
In general, UK businesses are not responding to this threat very well. Only around a third of business owners are providing their people with cybersecurity awareness training.
The biggest challenge with phishing attacks is that they work because people let their guard down. You can have the latest antivirus software and firewalls in place, but if your employees are not vigilant, fraudsters can still succeed. It’s a bit like having a series of padlocks but lending a criminal all the keys!
What can you do about it?
HJS Technology provides cyber security awareness sessions for your employees, which cover what to look out for and how to identify when something isn’t genuine.
We can even arrange to send a simulated phishing attack – a safe version of what a cyber criminal’s approach might be – to assess how your people are likely to react to such an approach.
To find out more please give us a call on 0808 1644 222 or contact us here.
Concerned your IT equipment may not be up to scratch? Keep check on your IT equipment with our FREE quarterly report.