A COMPREHENSIVE new guide has been produced to help SMEs combat the ever-growing threat from cyber crime, by the country’s leading experts in the field – the CyberScotland Partnership.
The ‘Cyber Strategy for Small Organisations’ guidebook has been written specifically for people without any technical background in the subject.
The free handbook, available now on the CyberScotland Portal, was created by ethical hackers at the Cyber and Fraud Centre – Scotland, one of the Partnership’s founding partners.
Its publication comes as latest research from Vodafone reveals that more than half (54%) of UK SMEs experienced some form of cyber attack in 2022, up from 39% in 2020.
The guidebook outlines short, medium, and long-term priorities SMEs should consider when developing their own cyber security strategy, with tactics ranging from password protection and backups, to undergoing a security audit and obtaining certifications.
Jude McCorry, Chair of the CyberScotland Partnership, said: “All types of business are at growing risk of a cyber attack. But unlike larger organisations, SMEs may not have the internal resources to maintain operations during an incident – so an attack could potentially shut them down or certainly have damaging long-term effects on their reputation.
“While there are several other excellent resources already available – the National Cyber Security Centre’s 10 Steps to Cyber Security and Small Business Guide: Cyber Security, for instance – this is certainly the most comprehensive that specifically deals with creating a cyber strategy for small organisations, going beyond the basics of cyber security.
“Of course, creating a positive culture around security and upskilling the team is equally important – and the guidebook goes into detail about that too. A company’s security measures are only as strong as the knowledge of the overall team, so it is vital organisations ensure all employees are involved in keeping operations secure.”
The need for this type of guidebook was first identified in conversations with business leaders at the first Executive Education programme in 2022 – a free course aimed at helping CEOs, directors, and non-executive directors in the public and private sectors become more involved in their organisation’s cyber security.
