search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
22 DEBATE


Jon Lomas, Lancaster University


We have been running two projects recently, funded projects for small to medium businesses. The aim was to help them understand how to defend themselves.


The programmes really tried to instill security principles and a risk-based approach. The other part of the project was to exploit digital technology for growth and innovation.


Cyber security is often seen as something you have to do, a bit of housekeeping, a bit of a health and safety type approach. We believe that it can be used to accelerate business growth. Eighty percent of cyber-attacks, low level ones that we should be worried about around this table, would be prevented if


everyone followed Cyber Essentials. It’s a relatively straightforward standard to achieve.


It’s what you have to do to win contracts. It ensures that you’ve got the very basic levels of standards and controls in place that are recognised as the bare minimum to operate safely.


We talk about innovation a lot. The people who are innovating fastest are the criminals. We’ve closed the door to a lot of traditional crimes and cybercrime has become an easy route for some to go down.


Think about exactly what you would need to do should there be a cyber-attack. Prevention is better than cure, be as prepared as you can be, get as up to date as you can be. There’s resource available to support you.


Mark Edwards, Seriun


Cybercrime is ever-evolving. It used to be phishing, now it’s attacking global admins and they’re moving forward to the next one. Who knows what it will be. There is no discrimination.


When you leave your building, there’s usually a sign saying, ‘Please put the alarm on as you walk out’. That mantra needs to be the same for the computer user.


There are a lot of targeted attacks, with the people who hold the bank keys the ones they want to go after. However, there’s a ton of measures that can be implemented at no cost whatsoever.


You can bring up that baseline standard, just to move the attacker on to the next business who, unfortunately, doesn’t have it.


It is a bit like traditional crime. My front door is locked, so you go next door. If somebody tries to steal a car from a drive they’ll pick the house without CCTV.


If your office is broken into you ring the police first. When there’s a cyber issue, you ring your IT person. I’ve had so many phone calls from MDs over the years, especially when ransomware was prevalent.


We can put technical measures in place, the human element is the bit no-one can control. We’re all really silly sometimes. So that’s the gap that needs filling.


Dan Giannasi, North West Cyber Resilience Centre


We are a police-led partnership set up to support SMEs with their cyber security. Cyber-attacks are costing the UK economy around £2.5bn a year. About 42 per cent of all crime now is online, cyber- enabled crime.


It has been estimated that a cyber-attack on a small business can cost them around £4,500, rising to around £20,000 for a medium sized concern. But the reality is there are attacks that will cost significantly more. It’s hard to quantify the reputational damage or the damage from losing contracts as a result of having to tell your customers you’ve been a victim.


About 80 per cent of all cyber-attacks are automated, they involve somebody setting up a programme, sending out an attack. They will find a way in through vulnerabilities, through people clicking on phishing links. They will just fire out emails until one of them sticks.


Educating yourselves and your employees is always going to be the best defence. You’re never going to stop every attack but if you’ve got the defence in place through your IT, your staff are aware and thinking about the issues and considering and questioning, that will add another massive layer of defence and hopefully limit the damage if it does get through.


Shafiq Khan, East Lancashire Chamber of Commerce We’ve seen the growth of cybercrime accelerate since the pandemic, with people working from home.


People are starting to use their own personal devices, which is a big ‘no-no’. We have made sure all our devices are patched, up-to date, and have all the latest operating systems.


I have received a lot of calls from clients whose 365 accounts have been compromised. They have not taken simple steps such as two factor authentication. As far as I’m concerned that should be a mandatory requirement. A lot of my web project clients use Word Press and as it is used by 30 per cent of all websites around the world it is more


targeted and vulnerable to attack, so you’ve got to make sure it is up to date.


It is about having more ‘cyber hygiene’ and staff having more awareness. We have systems in place but at the end of the day it’s users who are the weakest link. So, we make sure we’re always notified of the latest threats and share them in our regular staff meetings.


We’ve also started to implement regular social engineering tests, where we send an email impersonating another member of staff to everyone and then monitor whether they’ve actually clicked on the link to an attachment. We can see who’s opened them and then educate them.


Gary Clifton, Partners&


Cybercrime is occupying an awful lot of our time as an insurance broker. It is a risk accelerating as quickly as the innovations on the criminal side and, in terms of response, it is about trying to keep pace. Cybercrime is growing as an industry because it is successful, and people are making a lot of money.


Insurers are getting more demanding and generally that is something that should be embraced. They see the volumes of claims coming through. Those demands are to help keep you above that baseline, to keep you out of harm’s way if they can.


As a business owner, if you’re not interested enough to invest in cyber defence and potentially buy a policy at the other end of it, it’s just everyone else’s problem. Risk management is in everyone’s interest. It needs to be right up there as a priority. If you’re running a small business, it should be as important to you as managing your cash flow.


Cyber Essentials is free. If you employ people, there’s training and awareness available. You can also ensure that once all else fails, despite your best efforts, there is someone to step in and help you get back up and running.


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80