CYBER RISK – FAQ FOR BEGINNERS

Cybersecurity has never been more important as the threat from cybercriminals increases year-on-year. Businesses need to ensure they are cyber resilient in 2021 and getting guidance on this complicated topic from a trusted source.

You may be confused by cyber risk right now, and if you are, you’re not alone. Most people who own or manage small businesses are concerned about the cyber exposures of their businesses. A lot of people are confused by the complexity of the topic and the large number of solutions promoted by the cyber industry.

As the owner of a small business, I understand the small company perspective. Here are a few frequently asked questions about cyber risk that I often get from the businesses that I engage with:

WHAT IS CYBERSECURITY?

Cybersecurity has been defined as  a collection of technologies, practices and processes that protect networked computer systems from harm or use by an unauthorised person. Its purpose is to protect businesses from cyber-attacks, threats and risks.

WHAT IS A CYBER-ATTACK?

A cyber-attack is an offensive action by a malicious actor that is intended to undermine the functions of networked computers and their related resources, including unauthorised access, unapproved changes and malicious destruction.

WHY DO WE NEED CYBERSECURITY?

We need cybersecurity because of the frequency with which cyber-attacks develop into major incidents and the severe impact they can have. Because small businesses, have limited resources to respond and recover, a cyber incident can easily lead to the financial collapse of the business.

WHAT EFFECT CAN A CYBER INCIDENT HAVE?

There are many possible effects of a cyber incident including:

1.       Websites and systems can be kept offline for a prolonged period

2.       Negative Public Relations can result for the business

3.       Ransom Demands may be made by the attackers

4.    Fraudulent Payments may be requested and implemented

5.       There will be  unavoidable cost of fixing the damage to systems and restoring everything  

6.       The liability to third parties arising from the incident could be severe, e.g. a data breach.

IS CYBER RISK ONLY IMPORTANT FOR BIG COMPANIES?

The sad reality is that 60% of small companies go out of business following a cyber hack and 71% of all cyber assaults occur at businesses with under 100 workers. Small businesses, are big business for cybercriminals. You should be concerned if you have not yet prepared your company and your people for a cyber-attack.

 ARE THERE ANY GOVERNMENT REPORTS ON CYBERCRIME IN THE UK?

Yes, a recent Government report indicated that:

  •  Cybercrime accounted for 57% of the 1.92 million incidences of all fraud reported in the previous 12 months.
  •  2.9 million UK firms suffered cybersecurity breaches at a cost of £29.1 billion.
  •  43% of all businesses have experienced a cyber incident in the last 12 months.
  •  Nearly 75% of firms have no formal cybersecurity policies and 87% have no cybersecurity incident management process in place.

DO SMALL BUSINESSES HAVE A GOOD UNDERSTANDING OF THEIR CYBER RISK?

There is a growing understanding amongst the owners and managers of small businesses of the reality of cyber risk and the need to take action. However, more education is needed to help small business owners distinguish the truth from the myths:


 Myth

 Truth

  • Cyber is merely an IT issue

  • Cyber preparedness starts at the top and affects the entire organisation

  • Technology solutions are a silver bullet

  • Technology can be part of the solution, it’s not the entire solution

  • Regulatory compliance equals security

  • Regulatory compliance is the bare minimum  

  • Only industries that house sensitive data are under direct threat

  • Companies of all sizes across all industries have vulnerabilities

  • Companies can outsource the function along with the responsibilities and risk

  • Companies ultimately own the risk

 

WHAT IS SURVIVING CYBER?

Surviving Cyber is a new education initiative from John Byrne. I am an entrepreneur who exited from a successful insurance start-up in 2015. My expertise is in risk management, not technology. I understand the challenges that small businesses face and am currently gathering input from the small business community in the UK and Ireland for my online education course about the cyber risk of small businesses.

HOW CAN SURVIVING CYBER HELP ME?

Surviving Cyber offers an online education course that helps small business owners prepare a Pathway towards Peace of Mind from Cyber risk. The course is currently in Pilot form and is being tested with small groups prior to becoming a commercial offering. 

If you like the sound of the course,  Surviving Cyber – the small business owner’s Pathway to Peace of Mind, you can register for the course on any of the pages of the website www.survivingcyber.com. If spaces on the Pilot course are not available at that time, you can join our email list on the 'Contact Us' page to receive ongoing communication from me including details of future courses.

I look forward to getting to know you.