would you leave your house unlocked?

guest piece | cybersecurity

"I mean, you wouldn't give copies of your house keys to everyone who comes around, would you?

Yet, you are probably using the same password on at least three different apps."

 Sara, our company director, was speaking to the IT lead of the university while on set for a series of films about cybersecurity for Jisc when he made this analogy, and this spontaneous remark sparked our curiosity about cybersecurity. What is cybersecurity? And what could happen?

Let’s face it: running a business (like managing a video content agency, don’t we know!) is already a full-time job. Thus, considering your cybersecurity, despite the best intentions, likely falls to the bottom of that lengthy to-do list.

And we know what you’re thinking – “Why would anyone target little old me?” This is why many small business owners dismiss cyber threats, often believing they’re too small to be targeted. However, you might be surprised to find out that cybercriminals are targeting small and medium-sized enterprises (SME) more and more frequently than ever. Now that cyber attacks are becoming as common as a full Monday morning inbox, every SME, freelancer, or agency – yes, including creative types! – needs a robust digital defense to safeguard its business and reputation.

Of course, nearly everyone knows how to identify (most) scam emails, and we’re all aware that using our pets’ names for all our passwords is a practice we should abandon – but what more can we do to swiftly and easily enhance our cybersecurity?

We had a comprehensive discussion with Jay Bodys, the founder of Network Bridge, to demystify this complex issue and identify straightforward ways SMEs can boost their security.

The good news is even though staying ahead in cybersecurity seems like an endless struggle, there are in fact simple measures you can take that can significantly bolster your SME’s defences. Here are Jay’s top five tips:

1. people are as important as technology.

One of the most effective strategies is to provide security awareness training for your team. This critical defense mechanism against cyber threats empowers individuals within an organization with the knowledge and tools needed to recognize and avoid potential cybersecurity risks, creating a safer environment. Embedding a security mindset within your business culture to drastically reduce risks associated with human error. Numerous training options exist, and it’s worthwhile to research and find one that best fits your organisation. The National Cyber Security Center www.ncsc.gov.uk offers excellent infographics for small businesses that can be downloaded and shared with your team.

2. assess your risks regularly

 Consider what you’re protecting, how you’ll protect it, how you’ll know if it’s in danger, and your response and recovery plans. Regularly revisiting these questions ensures that all business members are well- informed about the action plan in case of a cyberattack, reinforcing the security mindset.

Cyber Essentials, a government-backed scheme, is an excellent starting point for protecting against a wide range of common cyberattacks.

3. be vigilant with email security

Email remains a significant vulnerability for cyberattacks. Training employees to recognize all potential types of attacks is crucial, and it’s always safer to verify before clicking a potentially harmful link. Implementing email security protocols like SPF, DKIM, and DMARC can significantly lower the risk of email-based threats.

4. robust password management

Implementing a proper password management system might seem obvious, but many businesses overlook this. Enforcing a password policy that includes complexity requirements, regular updates, and the use of password management tools can maintain authentication process integrity.

5. updates and backups

Keeping software up to date is vital, as is backing up your data. Regular updates ensure your software is protected against known vulnerabilities, and a comprehensive backup strategy is crucial for business continuity in case of an attack or other disasters.

Cybersecurity is both fascinating and, admittedly, somewhat terrifying. However, we learned that maintaining awareness and integrating these measures can significantly fortify an organisation’s defences, ensuring the security of digital assets and business continuity. And that’s comforting at least!

Jay Bodys is the founder of Network Bridge, a company that works with businesses to optimise their IT for both growth and protection. Their blog is highly recommended for those interested in staying informed about cybersecurity, tech matters and lots more!

We thoroughly enjoyed our conversation with Jay and understand the importance of this issue. We’re collaborating with Jay to develop some free cyber health resources. If there are topics you’d like to see covered, please get in touch!