Back to Knowledge centre
,

A beginner’s guide to cyber security (and why it’s important)

6-minute read

Hooded hacker breaking into corporate data servers.
Image credit: Gorodenkoff/stock.adobe.com

Cyber attacks have been regularly hitting the headlines in recent years, with big names including Marks & Spencer, Co-op, and Harrods all suffering huge losses. But it’s important for businesses of all sizes to have an effective cyber security plan in place.

Perhaps you have an online shop, collect data from your customers, or take online payments and store credit card details. All this information is vulnerable to cyber attacks and data breaches.

‘A wake-up call for every business in the UK’

The government is taking action to boost the UK’s cyber protection. It’s also urging businesses to make sure they have the measures in place to protect them and a response plan to minimise the impact of an attack.

Pat McFadden, Chancellor of the Duchy of Lancaster, said: “These attacks need to be a wake-up call for every business in the UK.

“In a world where the cybercriminals targeting us are relentless in their pursuit of profit – with attempts being made every hour of every day – companies must treat cyber security as an absolute priority.”

The NCSC’s Small Business Guide has tips to help protect businesses from cyber crime.  

Cyber attacks in the news

Stolen customer data, empty shelves, and disruption to online operations are just some ways the recent cyber attacks have impacted businesses.

M&S had to halt online orders as a result of a hack, customers weren’t able to buy online, and customer data was stolen.

Co-op was hit by a similar cyber attack and stock shortages were seen in shops as a result. Harrods was also targeted by hackers. 

What is a cyber attack – and what are the common threats?

A cyber attack is when a hacker tries to disable systems, steal data, or destroy information by gaining unauthorised access to computer systems.

Common types of cyber attack

The European Union Agency for Cybersecurity (ENISA) has revealed the common types of cyber attacks experienced by small and medium-sized businesses:

  • phishing attacks – fraudulent emails asking businesses to share passwords and banking information
  • malware – software designed to get unauthorised access to a computer and cause damage, such as a virus
  • malicious insiders – attacks from employees or former employees who have access to your system and breach sensitive data
  • denial-of-service strikes – an attack which aims to shut down a company’s systems so it can’t operate

How to prevent cyber attacks against your business

It’s important to have a robust defence against cyber attacks in place. And, as the technology used to carry out attacks develops quickly, you’ll need to review your procedures regularly.

Some of the simplest things you can do include:

  • updating software – installing updates as soon as they become available is an easy way to protect your business
  • backing up your data – if you were to fall victim to a cyber attack, backing up your business-critical information can help you to keep going
  • staying alert – keep up-to-date with security threats and make sure you don’t fall into the trap of alert fatigue
  • training your employees – make sure your employees are working safely online and that they know what to look out for, and how to report signs of cyber attack
  • using password protection – office equipment and phones should be protected by strong passwords, and important accounts (like banking) should have two-factor authentication set up (this is an extra layer of security known as 2FA)
  • risk planning – create a business continuity plan so you know what to do if your business experiences a cyber attack and how to minimise disruption 

Along with a thorough cyber security policy, you should also have a website privacy policy that outlines how you collect and store data.

What is cyber security?

Cyber security is the act of protecting the devices and online services we use from theft or damage. This includes smartphones, laptops, tablets and computers, as well as preventing unauthorised access to the personal data you store about your customers.

Woman working at computer in office

Photograph 2: BullRun/stock.adobe.com

Why is cyber security important?

Cyber security is important for protecting your business from online threats like theft, extortion and damage. Potential hackers may try to gain unauthorised access to personal information, passwords, intellectual property, financial data, or sensitive data to cause harm to your business.

Financial loss, data breaches, and reputational damage are just some of the risks of a cyber attack.

If your business has reached a certain size, you might consider hiring a cyber security analyst.

Julia Studholme, former Cyber Security Analyst at Simply Business, says:

“Now, more than ever, cyber security is at the forefront of organisations of all sizes. Cyber attacks are routinely front-page news, but in addition to the reputational damage that attacks can have on businesses, they can cause a major amount of business disruption too. Behind the headlines, there’s often further damage to business operations such as system outages, data loss and financial losses too.”

‘Remote working has added a layer of complexity’

Speaking of the common threats and trends related to cyber security, Studholme said:

“Widespread adoption of remote working has added a layer of complexity when it comes to cyber security risks. Not only do companies have to concern themselves with all of the devices on their corporate networks, but they have to consider devices that are on employee’s home networks too, over which they have much less visibility.

“One of the main threats facing businesses today is cloud vulnerabilities. The adoption of cloud-based services and infrastructure (and in some cases, multi-cloud adoption) has meant businesses become a prime target for attackers.”

Although it might be difficult to stop every threat, small businesses can protect themselves in a by having as many layers of defence as possible and creating obstacles for hackers to get around.

These could include multi-factor authentication technology and regularly training staff about the cyber security threats they face.

Small business guides and resources

Ready to set up your cover?

As one of the UK’s biggest business insurance providers, we specialise in public liability insurance and protect more trades than anybody else. Why not take a look now and build a quick, tailored quote?

Start your quote

Written by

Catriona Fuller

Catriona Fuller is a content and marketing professional with 12 years’ experience across the financial services, higher education, and insurance sectors. She’s also a trained NCTJ Gold Standard journalist. As a Senior Copywriter at Simply Business, Catriona has in-depth knowledge of small business concerns and specialises in tax, marketing, and business operations. Catriona lives in the seaside city of Brighton where she’s also a freelance yoga teacher.

This content is for general, informational purposes only and is not intended to provide legal, tax, accounting, or financial advice. Please obtain expert advice from industry-specific professionals who may better understand your business’s needs. Read our full disclaimer