As a business, you’re never too small to be hacked. In fact, cybercriminals often target smaller companies – especially those serving larger ones – due to more easily exploitable security systems. This Cyber Security Awareness Month, we ask an expert for his top tips and advice.
Since small and medium enterprises (SMEs) comprise more than 99% of the UK’s total business population, it’s vital that these security systems and their users are well prepared for whatever today’s cybercriminals may throw at them.
A longstanding supporter of SMEs and the small office/home office (SoHo) sector, Vodafone created V-Hub to ensure this community is equipped with the digital skills and knowledge it needs to repel potential attacks.
Born out of the COVID-19 pandemic, when a lot of small businesses were forced to move their operations online, V-Hub provides free support and guidance around topics like digital marketing, sales and, crucially, cybersecurity.
All of which is delivered on a one-to-one basis through a dedicated team of advisers, supported by a host of online resources, so every individual business can get exactly what they need.
V-Hub 'an amazing service for small businesses', say entrepreneurs
Three burgeoning entrepreneurs tell us what V-Hub has done for them, as Vodafone’s guidance service for small and medium-sized businesses marks its first anniversary.
Security lessons with a personal touch
Cybersecurity guidance isn’t difficult to find online; a quick Google search will arguably bring up more information than a business could ever need.
That can often be the exact problem, however. For smaller businesses, without the necessary time, money or resources to sift through these materials, it’s easy to get stuck in a state of ‘analysis paralysis’, unable to make a meaningful decision due to the sheer number of options available.
That’s where V-Hub comes in. Aided by a team of expert advisers, each with their own individual specialty, V-Hub focuses on stripping away the vast reams of technical information that businesses are often faced with when it comes to keeping themselves secure online.
Instead, customers get easy-to-understand advice and easy-to-implement actions – all from a friendly face. Like Johnny – V-Hub’s resident cybersecurity expert.
“Whenever anyone comes to us with questions,” says Johnny, “we first try to understand where the business is in its life cycle, what their starting point is when it comes to security, and what kind of security risks they are experiencing.”
This initial conversation tends to take place over the phone, taking about fifteen minutes. Johnny – or one of V-Hub’s other advisers – then goes away and creates plan of action.
“Next I will have a video call with the business,” continues Johnny. “This typically takes 45-60 minutes and sees me go through, in depth, all of the specific points that came up during our first chat.”
While this plan obviously differs based on the business’ specific needs, there’s always one action that Johnny recommends they begin with.
Vodafone Business launches cybersecurity platform to help SM&Es reduce human cyber risk
To prevent costly cyberattacks resulting from human error, Vodafone has launched Vodafone CybSafe in partnership with leading human risk management (HRM) experts CybSafe.
‘A’ is for audit
“First, we have to make an assessment of the customer’s system,” explains Johnny. “Basically, we have to gain an understanding of what platform they use, what devices are connected, and what services they may provide.”
The reason for this is simple: a business’ security is only as strong as its weakest link. Therefore, before taking any remedial action, it’s vital that the business in question has a good understanding of all the components that interact with its systems.
After all, if any of these components are breached, then the whole network is put at risk. Meanwhile, the actions required will differ depending on the makeup of the business’ software and hardware.
“You wouldn’t bring just anybody into your home and your business shouldn’t be any different. You need to have checks in place to make sure that the person coming into a protected area has the right authorisation.”
“Take your antivirus, for instance. The best option can often be the one that is integrated into your operating system, such as Microsoft Defender, as it arguably opens you up to less issues.”
It’s not just the machinery that poses a risk, however, with one study suggesting that 74% of all breaches include a human element. Indeed, some of the most widely reported global data incidents of recent times have allegedly involved some form of human error.
“You wouldn’t bring just anybody into your home,” suggests Johnny, “and your business shouldn’t be any different. You need to have checks in place to make sure that the person coming into a protected area has the right authorisation.”
Vodafone Business partners with cloud security leader Zscaler to accelerate SMEs’ migration to the cloud
Vodafone Business Secure Access Gateway is a managed service which offers protection for users connecting to services, data and applications from any device and any location.
Every day is a school day
Staff training is also an invaluable tool – especially when regularly repeated.
“Things like phishing training, for example, should be done periodically,” explains Johnny, “so that people keep it top of mind at all times and don’t become complacent. You also have to keep updating your training, as things can change fairly regularly in the world of cybersecurity.”
A proactive approach to cybersecurity, which involves regular training, should be as essential a part of the business as payroll. In fact, thinking of it in terms of the financial cost can help explain why it is so important for smaller businesses with smaller margins of error financially.
As part of its Cyber Security Breaches Survey, the Government reports that the average (mean) annual cost of cyber-based crime for UK businesses is roughly £15,300 per victim.
To help businesses avoid the financial impact of cyber incidents, Vodafone has launched CybSafe – an app that combines AI, data, psychology and behavioural science so that teams can measure and improve cybersecurity behaviour, awareness and culture within their organisation.
Underpinned by SedDB, the world’s most comprehensive cybersecurity behaviour database, CybSafe provides both training modules and virtual cyber assistance, ‘nudging’ users when their cybersecurity may need addressing or compliance actions are required.
“All of this guidance is about improving behaviours,” concludes Johnny. “And when people learn to behave in a specific way, that can often result in better security measures than having a really expensive external solution.”
Visit our V-Hub homepage to find out more, and stay up to date with the latest news from Vodafone by following us on LinkedIn and Twitter/X, as well as signing up for News Centre website notifications.
