Small firms not taking cybersecurity seriously could end up out of business if they don’t take steps to protect themselves.
That was the stark warning from experts at a free training session provided to small businesses by Denbighshire County Council.
Firms in the county were given a session on Cyber Essentials, a UK Government backed, industry-supported, scheme for basic cybersecurity.
Jason Davies, director of Ruthin-based Safonda, a Cyber Essentials accreditation company which trains businesses to protect themselves from attacks, led the session.
He said: “Cybersecurity is vital for small businesses. Larger businesses can absorb a cyberattack, for small businesses, if you lose access to your data, even for a day, it can have a massive impact on your company or even shut you down.
“If you are in-line with Cyber Essentials, ransomware can’t hit you to start with. As long as you are up-to-date and doing all the things you should be, it shouldn’t get you.
“If you are the victim of a cyberattack, the first thing you should do is speak to your internet provider. Then look at what the impact is and what has been affected.
“We can’t tell people whether to pay for their data or not after they have been hit by a ransomware attack. If you pay a ransom for your data then you are funding those criminals but at the end of the day you are a business and if the data is vital to you, we can’t say don’t pay it.”
In 2016 cybercrime cost UK businesses £29 billion and Mr Davies said the best defence is to back up your data.
“If you want a good all-round solution, the answer is to go and look at the Cyber Essentials scheme. It gives you the guidance on the five most important actions.”
As part of its work on developing the local economy, Denbighshire has been helping local businesses understand what they can do to make themselves resilient to the growing threat from online crime.
Cllr Hugh Evans, leader of Denbighshire, said: “Our business survey last year suggested a low level of local awareness of cybersecurity threats and this is one of the steps we are taking to address that.
“In 2015 the UK Government introduced Cyber Essentials certification as mandatory for certain contracts involving personal or sensitive data, not just for the principle contractors but also the wider supply chains.
“The council therefore wants to help make local businesses aware of this so they can improve their chances of winning tender opportunities.”
Maureen Young, co-owner of Ruthin Decor, was a victim of a cyberattack last year and she described it as “devastating".
She said: “Cybersecurity is a big issue for our business. We had a malware attack and whilst it didn’t affect our main accounting systems, it did affect some of the documents I held.
“It is now a real concern for us to make sure we are up-to-date on protecting the business against those risks.
“I would urge other businesses to take this threat very seriously. I thought of myself as someone who was very much aware when an e-mail comes in, to know if I should open it or not, but I still opened something I shouldn’t have.”Denbighshire County Council is looking to host another free course for businesses in October and to register your interest email econ. email@example.com
See full story in the Free Press