Small businesses need to prioritise cybersecurity

As new figures reveal less than a quarter of small businesses cite cybersecurity as a top concern, despite its vital importance to consumers and within the supply chain, it's clear that businesses need to plan ahead.

The recent TalkTalk and Sony security breaches have highlighted how customers can have their secure banking information and other confidential information compromised - so security online is very topical.

Meanwhile the 2015 Information Security Breaches Survey commissioned by the Department for Business, Innovation and Skills (BIS) surveying companies across the UK on cybersecurity incidents and emerging trends, found the number of security risks has increased, and the scale and cost has doubled.

Interestingly, it found that despite the increase in staff awareness training, people are as likely to cause a breach as viruses and other types of malicious software.

Whilst a new report entitled Small Business Reputation and Cyber Risk from Cyber Street- Wise and KPMG found that less than a quarter of small businesses cite cybersecurity as a top concern, but it’s of vital importance to consumers and within the supply chain.

Are you aware of the changes ahead?

Technology giants like Microsoft and Bacs keep their systems strong against security threats by regularly updating them - but for them to be effective, businesses need to be aware of the changes and keep up to date.

As the reports demonstrate, this is especially the case with small businesses who don’t have a team of IT experts to support them, and may not feel this is a priority amongst competing demands on their time.

But businesses need to be prepared to keep pace with security changes directly affecting thousands of companies across the country.

Cybersecurity and Bacs

The Bacs network is the payment transaction service used by 95 per cent of the 130,000 businesses in the North East, and the 5.4m businesses across the UK as part of the Faster Payment Service.

Of those businesses using Bacs, almost 70,000 process their Direct Debit payments directly using Bacs Approved Software, whilst the remaining 60,000 businesses use a third party Bacs Approved Bureau Solution (BABS) company to do so on their behalf.

Bacs is carrying out new upgrades which come into play in June. They are highly technical but put simply they secure the integrity of the link between the Bacs network and the customer.

By upgrading its ‘cryptographic’ protocols to keep its system as safe as possible, Bacs is being responsible. But it may also have the effect of catching some businesses out who connect to the Bacs service either via software or the Payment Services website.

The first concern is that if businesses are not aware of the changes, this could result in payment delays, inconvenience and potentially cost money, and credibility for them.

But more seriously if businesses are still using outdated protocols for any of their online financial transactions, this would leave them vulnerable to cyberattack.

Without the security upgrades, users are at the mercy of unscrupulous cybercriminals, as the older encryption protocols, that maintain a secure link between computer and any financial transactional websites, are compromised over the coming months and beyond.

New, much more sophisticated upgraded security systems effectively kick the former protocols into the long grass.

Microsoft withdrew support for operating system Windows XP as it relies on older coding, which means its hasn’t had any security upgrades, making it an easy target for hackers.

But worryingly many businesses still use XP machines for all their online financial transactions, and are ultimately much more vulnerable to cyber-attack. They will need to upgrade both their software and hardware to keep pace with the Bacs changes in June.

Businesses in any doubt can visit the Bacs website and search for more information or speak to their own IT provider or bank.

Don’t put your business and its reputation at risk by not protecting your data – follow these three simple steps and keep yourself secure:

  • Use three random words to create a strong password
  • Install security software on all devices
  • Always download the latest software updates

George Barron is managing director of Unified Software