It may be obvious but what cyber security exposures does a small business have that could lead to cyber crime or a data breach ?
A typical small business is likely to have the following cyber security exposures:-
Computer Servers – your servers and servers of other third parties of who you may be dependent upon.
Laptops – of all your employees and any temporary staff.
Mobile Devices – do you know who has a mobile device, do they work from home , do they use wi-fi in the local coffee shop ?
Removable Media – are all USB sticks accounted for and are employees allowed to remove then from the office?
Paper Records – do you still use paper files , these should be replaced by electronic files.
Electronic Files – what data is stored on your electronic files , is it personally identifiable information ?
Company Website – is this protected by the most up to date firewalls?
Databases – what data is stored on your electronic files , is it personally identifiable information ?
Software – how old is your software , does it need to be updated , is it regularly patched ?
Computer Networks – what is your dependency on third parties?
Use of Cloud Services – does your cloud provider purchase professional indemnity insurance ?
Once you are comfortable that your have identified all of your technologies , a risk analysis should be carried out , followed by a review of your internal procedures such as the website privacy policy and conditions. This should be carried out in tandem with all of your external procedures and providers , such as any third party and cloud providers for whom your computer services may be relying on.
Are your Business Continuity Plans and Disaster Recovery Plans up to date ?
Are your staff trained in all the most up to date cyber security company policies ?
Have you considered Cyber Insurance for your business ? – the purchase of this type of insurance is the balance between owning your cyber related exposures and being confident that you can manage and accept these risks. This is against the risks that you may not be able to manage and the areas that could cause the business a significant loss and impact severely on your balance sheet.