Since the pandemic the Welsh business start-up community is growing according to recent figures from insolvency and restructuring body, R3 which has recorded that the number of new businesses in the region has risen by more than half since December 2021 – 50.5%.
And, with 98% of UK businesses now operational online in one way or another, benefiting hugely from the use of websites, social media, staff email addresses, online banking, and the ability for customers to shop online, it’s no surprise that cybercrime is on the up.
A cyber-attack costs on average £4,200 which most SMEs and start-ups can’t easily afford so there are a few simple measures you can put in place to make sure your organisation is protected.
We have compiled the list below of the top five steps you should do when setting yourself up in business.
1. Backing up your data
No matter how small a business you have, regular backups of your important data should be made, making sure this is part of everyday business and can be easily restored. One option is using cloud storage (this is where a service provider stores your data on its infrastructure) and means your data is physically separate from your location.
2. Protecting yourself from malware (malicious software/web content that can harm your business)
The most well-known viruses can infect your software so, to tackle these unwanted invaders, here’s what should you implement.
· Install and turn on antivirus software
· Keep all your IT equipment and software up to date – this is called patching
3. Keeping your smartphones and tablets safe
These are equally if not more important to protect against cybercriminals as they operate as an extension of the office. Always switch on your password protection and keep your device and its apps up to date and never connect to unknown Wi-Fi hotspots.
4. Always use passwords to protect your data
Keeping your confidential information is crucial and passwords are an effective way to protect yourself from unwanted users accessing your devices.
· When buying your new computer, laptop or mobile, you must change the default password – this is the start-up password that comes from the manufacturer. Contrary to belief, they are not secure! Make it a priority to change them
· Make sure you switch on password protection
· Avoid using predictable passwords – we recommend using three random words in line with government advice
· Use two-factor authentication for your important accounts (this is where you require two different methods to 'prove' your identity before you can use a service, such as a password plus a code).
5. Avoid phishing attacks
This is where attackers send fake emails asking for sensitive information (you probably have already received at least several), ultimately trying to get you to send money and steal your details. Staying one step ahead in identifying what these emails look like will is key. So, here’s what to look out for…
· Bad spelling and grammar or if the email has graphics on (company logo etc.) is the design what you would expect it to look like?
· Does it refer to 'valued customer', or 'friend', or 'colleague'? This can be a sign that the sender does not actually know you, and that it is part of a phishing scam.
· Does the email contain ask you to act urgently? Be suspicious of words like 'send these details within 24 hours' or 'you have been a victim of crime, click here immediately'.
· Look out for emails that appear to come from a high-ranking person within your organisation, requesting a payment is made to a particular bank account. Look at the sender's name. Does it sound legitimate, or is it trying to mimic someone you know?
Here at The Cyber Resilience Centre for Wales, we offer a range of services for businesses to help identify your digital vulnerabilities and weaknesses or, if you are a victim of a data breach, we can run an individual internet investigation that would identify what personal or private information is publicly available online.
We also offer a range of membership options depending on what level of support businesses need. Free Core membership provides businesses with access to a range of resources and tools to help them identify risks and vulnerabilities, as well as providing guidance on the steps they can take to increase their levels of protection.