Believing in Boogeymen

September 2013

It seems fairly accepted these days that businesses are not doing enough in the area of Cyber Security. Progress is being made to an extent, but mostly this seems to be in businesses that are bigger targets.

Why don’t small companies worry about Cyber Security?

I think the answer is really quite simple: they don’t believe in boogeymen. People accept that there really are people who want to hack into big targets: banks, militaries, governments, big companies – well, just take a look at this visualisation of infamous data breaches.

But why should small companies need to worry about that sort of thing? Cyber Security is a heavyweight term that makes one think of some pretty serious organisations. A small company doesn’t need to do what they do any more than they need armoured cars and armed guards outside their office. And I think that’s the root of the problem.

Security is sometimes armoured cars, and it’s sometimes remembering to wind the windows up and lock the doors. Cyber Security, as a term, makes you think of spy movies – but it’s really much broader. It isn’t always about huge investments in complicated things to protect against organised enemies – which in a small business, may not exist. It can be a very small investment to get a basic level of protection that can prevent 80% of attacks.

It’s nothing fancy – just good practice. Keeping software up-to-date, configuring systems properly, changing default or empty passwords – that sort of thing. You may not realise it, but when you do that, you are doing Cyber Security. I’d like to see more small business having an interest in this side of things. Of course, in such environments, resources are finite and there are plenty of other things to worry about. And you might get away with ignoring Cyber Security completely. You might also get away with not locking the door when you leave the house, but when it takes so little effort to get such a fundamental level of security, why wouldn’t you? You can find plenty of scary statistics elsewhere on this: the upshot is that the targets aren’t just big companies anymore.

It pays to keep up to date, because the targets today are pretty much everyone. Making a cursory effort can make a huge difference! Free Cyber Security events are taking place in the East Midlands. If you’re interested, why not go along? Follow: @IISPEastMids