Starting a business, typically on limited resources, requires a huge amount of flexibility and agility. In many cases start up business owners assume multiple roles, including taking responsibility for cyber security. It is both an exciting and challenging time, and juggling responsibilities can increase the risk of tasks falling between the gaps of what needs to be done, many founders find there is too much to do and simply not enough hours in the day.
In addition to the volume of work required, start-ups are particularly vulnerable to attack as many do not have the same cybersecurity budgets as larger companies. They may also not have a full appreciation of just how important cyber security is, and could be under the misconception that they are too small to need a cybersecurity program.
Start-Ups, Micro And Small Businesses Are Unprepared For Cyber Attacks
According to a recent government cyber security report:
- 38% of UK micro and small businesses identified a cyberattack in the last 12 months, although we suspect this is only the tip of the iceberg, just think about how many may not even know they have been the victim of a breach
- 32% have undertaken a cyber security risk assessment
- 22% have a formal cyber security strategy in place
- 18% of micro and small businesses have a written incident management plan
- 16% have carried out staff or awareness training
- 7% have assessed risks presented by their wider supply chain
Yet, 81% say their board sees cyber security as a high priority. So there is a disconnect between what small businesses know to be a priority and actually putting a cyber strategy in place.
5 Key Cyber Areas To Focus On
Sophisticated cybersecurity measures are often costly, however there are measures start ups and small businesses can take to protect against cyber attacks. As a priority we suggest that start-ups should at the very least focus on 5 key areas of cyber security:
- Ensuring software updates and security patches are installed on all devices, apps etc
- Consider good password hygiene
- Install firewalls
- Improve team awareness of cyber attacks
- Map out information processes, identify what data is flowing where, who has access to it, how are they accessing etc, this will start to form a picture of possible attack points
Cyber Essentials Certification Is Perfect For Start-Ups
We recommend that start-ups look to gain Cyber Essentials certification. Cyber Essentials is a simple but effective, government backed scheme that helps protect organisations of all sizes against a whole range of the most common cyber attacks. The scheme focuses on 5 different areas of cyber security, which when correctly deployed,protects organisations from the most common cyber security threats.
Infosec Partners offers support to help organisations through each step of the Cyber Essentials certification process, contact us today for expert guidance on cyber security for start-ups.
