The Big Squeeze

A guide to Cyber security for SMEs - what every business owner should know

Cybersecurity is a crucial aspect of running a small or medium-sized enterprise (SME). With the increasing reliance on technology and the internet, SMEs are just as vulnerable to cyber-attacks as larger companies. Here is a guide to help SME business owners understand and protect their companies from cyber threats.


  1. Understand the types of cyber threats: There are many different types of cyber threats that SMEs may face, including malware, phishing, and ransomware. Malware is malicious software that can harm your computer or steal your data. Phishing is a type of social engineering where attackers trick you into giving them sensitive information, such as login credentials. Ransomware is a type of malware that encrypts your data and demands a ransom to be paid in order to regain access.
  2. Create a cybersecurity plan: Developing a cybersecurity plan is crucial for protecting your business from cyber threats. This plan should include steps to protect your network and data, as well as procedures to follow in case of a cyber-attack. It should also include employee education and regular security assessments.
  3. Use strong passwords: Passwords are often the first line of defence against cyber-attacks. Make sure all employees use strong, unique passwords for all accounts and devices. You can also use a password manager to generate and store passwords for you.
  4. Keep software up to date: Software updates often include security patches to fix vulnerabilities. Make sure all software is up to date on all devices, including computers, servers, and mobile devices.
  5. Backup your data: Regularly backing up your data is essential in case of a cyber-attack. This will allow you to restore your data and get back to business quickly. Make sure to store backups off-site, in case of a disaster.
  6. Train employees: It's important to educate employees on the importance of cybersecurity and how to recognise and avoid potential threats. This includes training on safe internet browsing, email safety and avoiding phishing scams.
  7. Use a Firewall: A firewall helps to protect your network by blocking unauthorised access. Make sure to have a firewall in place, and configure it properly to ensure maximum protection.
  8. Use antivirus software: Antivirus software can help to protect your devices and network from malware. Make sure to use a reputable antivirus software and keep it up to date.
  9. Be aware of social engineering: Social engineering is a tactic used by cybercriminals to trick individuals into giving away sensitive information. Be aware of this tactic and train your employees to recognize and avoid social engineering attempts.
  10. Have an incident response plan: Having an incident response plan in place is essential in case of a cyber-attack. This plan should outline the steps to take in case of an attack, including who to contact and what actions to take.


In conclusion, SMEs are at risk of cyber-attack just like larger companies, but with a bit of preparation and a good cyber security plan, you can protect your business from the majority of cyber threats. Make sure to stay educated and aware of the latest threats, and work with a cyber security professional to ensure your business is as secure as possible.


Rob Boll
Founder & CEO