Government tells UK SMEs to be 'cyber streetwise'

Government is urging SMEs to become "cyber streetwise," to reduce the risk of cyber attack

The government has launched a campaign urging small and medium-sized enterprises (SMEs) to become "cyber streetwise," to reduce the risk of cyber attack.

The Cyber Streetwise campaign is aimed at changing the way people view online safety by providing the skills and knowledge required to take control of cyber security.

According to the government's most recent National Cyber Security Consumer Tracker, few people take simple steps to protect themselves online.

The survey found that just 44% of people install internet security software on new equipment, only 37% download security updates personal computers, only 21% download security updates for smartphones and mobile devices, only 30% use complex passwords to protect online accounts, and 57% do not always check websites are secure before making an online purchase.

Gary Fairley, cyber and digital lead at the Scottish Business Resilience Centre (SBRC), told the BBC that such behaviour could have a significant impact on the companies they worked for.

"There has been a shift in cyber criminals' attention towards SMEs in the last year or so and it's important that businesses take the threat seriously," he said.

According to Fairley, getting the basics right will help protect businesses against the majority of known threats.

He urged companies to ensure security patches are up to date, that passwords are strong, unique and changed regularly, and that staff know what their responsibilities are in protecting business information.

Initially funded by the government's National Cyber Security Programme, the Cyber Streetwise campaign is receiving support and investment from a number of private sector partners.

These include Symantec, which is supporting Cyber Streetwise through the provision of information to the site as well as communications to staff and customers.

"Public awareness campaigns such as this are vital in helping to bring today’s digital threats to life," said Simon Moor, Symantec vice-president for UK & Ireland.

"Online threats are consistently evolving, however people can be lulled into a sense of false security by the sheer ubiquity of connected technology leaving themselves open to being tricked into downloading malware, or cybercriminals accessing their personal data,"he said.

Moor said even tech-savvy people can benefit from a regular reassessment of their usage of web connected devices.

UK Security Minister James Brokenshire said the aim of the campaign is to offer help and advice to assist in the fight against online criminals.

"The internet has radically changed the way we work and socialise. It has created a wealth of opportunities, but with these opportunities there are also threats.

"However, by taking a few simple steps while online the public can keep cyber criminals out and their information safe,” he said.

While public awareness campaigns top this year’s cyber agenda, 2014 will also see the first national computer emergency response team (CERT-UK) become operational as part of the government’s objective to reinforce cyber incident response arrangements.

To help address the lack of people in the UK with cyber security skills, the government plans to expand vocational cyber security training through internships and apprenticeships.

In addition to these initiatives, the government plans to continue to participate in international efforts to establish cyber security standards.

Allied to this, is the UK government’s efforts to help build cyber security capacity internationally through the newly established international capacity building centre.

Read more on Security policy and user awareness