COVERFEATURE
PROTECT YOUR BUSINESS AND CUSTOMERS WITH CYBER ESSENTIALS Size really doesn’t matter when it comes to cybercrime. Whether you’re a sole trader or a multi-million-pound business, you should take basic steps to protect your money and reputation, as Matthew Parsons of Surf Tech IT, explains.
Cybercrime sounds like something out of a sci-fi movie, so many companies think it will never happen to them. In fact, the threat is very real – and growing – particularly for law firms committed to legal excellence, or other key sectors like finance and healthcare with access to sensitive client data. The UK’s legal sector alone is worth around £60bn per year, making it a very attractive target for cybercriminals. The most common security breaches involve phishing, hacking into business emails and systems, and ransomware. Some attacks target the firms, others directly target the clients during transactions. But simple steps can make all the difference, as Matthew, from award-winning IT services and solutions provider Surf Tech IT, points out. “It’s best practice for firms handling personal information or delivering certain IT products and services to have their information and security policy
Surf Tech IT won Micro Business of the Year at the Chamber Business Awards.
in-line with Cyber Essentials. In fact, we have this accreditation ourselves! It’s a government-led scheme using five key technical controls (Boundary Firewalls, Secure Configuration, Access Control, Malware Protection and Patch Management) to reduce 80% of common cyber threats. “An online questionnaire helps pinpoint any weaknesses in your policies; for instance, you might need to use more complex passwords, choose different passwords for different processes, or update your IT systems. It’s bread and butter stuff really, but there is still a lot of complacency around.” All Lexcel accredited law firms are expected to achieve Cyber Essentials. Firms with the next level up, Cyber Essentials Plus (which is verified by an external body), are also recognised by the SRA as more likely to have good policies in place, and to have taken effective steps to protect themselves – and their clients – from costly breaches.
Matthew Parsons, managing director of Surf Tech IT.
026
Matthew added: “Surf Tech IT is definitely not in the business of scaremongering, or pushing the hard sell, but businesses should be aware that cybercrime is on the rise, particularly now during the pandemic. In fact, businesses faced a 20% rise in cyber security threats in 2020 when compared to 2019. Even if your operating systems are only down for a day, it could
still cost thousands of pounds in revenue and reputation. “Just imagine getting a message saying your data is encrypted and demanding a Bitcoin ransom. Even if you pay up, there’s no guarantee you will get the decryption key. Or internal staff could be sent an email spoof pretending to be the MD or finance director, pushing for immediate payment of an invoice. “We see our role as educating business owners about the risks, and advising them on the best solutions for their needs. For example, any firm would fail Cyber Essentials instantly if they are still running Windows 7, or have old phone handsets which are no longer supported by the provider. We also set up tests to help staff spot fake communications.” Surf Tech IT, based in Stourport, has grown exponentially since launch in 2014, and recently won Micro Business of the Year at the Chamber Business Awards. However, Matthew has never lost sight of his original values. “Our ultimate goal is to support clients through their own unique challenges. We aim to inform and educate in a way that’s wholly transparent. This award recognises how we always put our customers first, and nothing means more to us than that.” More details at surftechit.co.uk.
January/February 2022
