A commercial insurer is calling on businesses to tighten security and take simple steps to avoid falling victim to cyber-crime.
NFU Mutual says that businesses of all sizes and sectors – ranging from retail to tradespeople and motor trade to manufacturing – can be and are impacted by cyber-crime.
The 2024 Gov UK cyber report shows 50% of businesses experienced some form of cyber security breach or attack in the last 12 months and of these, 312,000 companies ended up being victims of cyber crime.
As part of Cybersecurity Awareness Month in October, NFU Mutual says taking simple but effective steps can prevent the rise of a growing problem.
Research from the commercial insurer highlights just how many industries and businesses face this issue on a regular basis. A previous survey of tradespeople – typically not an industry associated with digital crime – showed that almost a quarter (23%) had suffered a cyber-attack or cyber incident in the last 12 months. It was a similar number in the motor trade industry, with 24% of those surveyed saying they had fallen victim over the past 12 months. An alarming 81% also said they had been affected by cyber-crime at one time or another.
The Gov UK report shows that more than four in ten businesses across the UK (43%) are insured against cyber security risks in some form, an increase from 37% in 2023.
James Trevis, NFU Mutual’s cyber specialist, said:
“We know cyber-crime is an ever-growing threat and incidents are increasing for all industries and businesses.
“Due to the modern way of working with technology, core business functions are carried out online and this makes anyone who uses digital devices vulnerable.
“Most companies will have a website, quotes, payments and communication tools to deal with suppliers and customers with most of that being undertaken online. All of this information could be valuable to a cyber criminal.”
NFU Mutual’s research showed the retail sector as another that has been impacted by the rising crime. More than half of retailers (53%) said they had fallen victim to cyber issues, with 22% saying they had increased their IT security in a bid to bolster their defence.
James added:
“This is clearly a growing issue, but we have seen an increase in prioritisation of cyber security across all sizes of businesses, according to the latest Gov UK annual cyber report.
“A total of 84% of small businesses, 93% of medium businesses and 98% of large business say it’s a high priority – all up slightly from the figures in 2023.
“We wouldn’t always expect small businesses or sole traders to have expensive security systems, but we would urge anyone who can to tackle cyber-crime head on and take some simple, cost-effective measures to protect the online data they hold.”
Commercial insurer NFU Mutual has highlighted the following digital technology that would be at risk for businesses:
- The use of computers and software including email and other applications to communicate with customers, order materials and sell products
- Servers or digital storage facilities to hold customer and employee data
- A website to promote your business and sell products
- The use of online banking to transfer funds, purchase suppliers and receive payment from customers
- Internet connected devices – such as office computer networks, CCTV and lighting
To help protect your businesses, NFU Mutual recommends the following:
- Use strong passwords – but crucially don’t use the same log in details or passwords across multiple accounts and services and always separate personal and business accounts
- Implement Two Step Verification (Multifactor Authentication) – this is a simple method which requires two different methods to ‘prove’ your identity before you can use a service, generally a password plus one other method such as a text message or fingerprint
- Ensure all software is up to date and kept updated on a regular basis
- Back up your files and data weekly and store on a separate, secure device
- Educate employees around cyber-crime, including how to spot potentially dangerous or fraudulent emails or websites
- Install a firewall and anti-virus software on all company devices and keep them updated
- Make sure factory set passwords are changed periodically and equipment is set up with security in mind
- Where appropriate, use a Virtual Private Network (VPN) when allowing employees access to company systems remotely. Ensure this too is protected by Two Step Verification
- Don’t neglect physical security – ensuring all company devices are securely stored and locked away when not in use is just as important.