Hacking: British government extends Innovation Vouchers

Last night the stock market took a frightening tumble: following the hacking of the Associated Press Twitter account and a post about President Obama and The White House, at 13:06 EST the S&P 500 fell about 1%, a value of $130 billion. As traders hit the sell button, automated selling took over and funds moved into the Yen and Treasury bonds. At 13:09 EST, the panic was over as AP issued a hasty clarification from another Twitter account and fact-checking (remember that novel practice?) had eased potential chaos. It appears the Syrian Electronic Army were behind the hack on the AP account and have been active on Twitter for some time, hacking amongst others, the Qatar Foundation’s Twitter account last month as part of a pro-Assad campaign. I use the term hacking – somewhat of a misnomer as this sort of action is known as social hacking, or social engineering. Mike Baker from AP tweeted that staff had received a phishing email which looks to have installed malware on AP staff computers, giving the SEA access to log-in passwords.

What does this mean to small business?
Social hacking and breaches like the AP Twitter account are by far the most common sort of cyber-security threat. Spotty youths with laptops or activists are not the big threat to small business; the threat to you is about your banking and finance details, your customers’ details, data and their payment information. The bad guys are interested in details that can be converted to cash – and that means competitively valuable information like sales reports and new business leads – the cost to trust and reputation also have to be considered.

“Keeping electronic information safe and secure is vital to a business’s bottom line. Companies are more at risk than ever of having their cyber security compromised, in particular small businesses, and no sector is immune from attack. But there are simple steps that can be taken to prevent the majority of incidents.”

— Minister for Universities and Science David Willetts

Small business are certainly under greater threat than ever as more data and trade is moving to the web and cloud. Security at the leading computer companies who provide cloud and web services to you is generally excellent, but the social or human element is where the threat is greatest – does a former disgruntled employee still have log-in details to your CRM system where you record everything a competitor would want to know about your business?

The 2013 Information Security Breaches Survey indicates that 87% of small businesses across all sectors in the UK experienced a breach of some type in the last year; that’s up more than 10% and cost small businesses up to 6% of their turnover with the average cost of a serious breach or hacking incident at small organisations costing £35,000 or more.

“It is estimated that 80 per cent or more of currently successful attacks can be prevented by simple best practice. This could be steps as straightforward as ensuring staff do not open suspicious-looking emails or ensuring sensitive data is encrypted.”

— Source: GCHQ

It’s welcome news then that the Technology Strategy Board is extending its Innovation Vouchers scheme to allow small and medium enterprises (SMEs) to bid for up to £5,000 from a £500,000 pot to improve their cyber security by bringing in external security expertise. The Department for Business, Innovation and Skills (BIS) is also publishing guidance to help small businesses accept cyber security as part of their normal business risk management process. A really positive initiative – and an announcement that couldn’t be more welcome for businesses growing aware of a threat and wondering what to do next, and the widely reported hacking incidents may prompt those business owners to sit-up, listen and act.

The scheme opened on the 15th of April and closes on the 24th of July 2013, so if applying, you should get started as soon as possible.

External links & references

  1. Cyber-security section @ Innovation Vouchers
  2.  BIS : Plan for Growth : PDF
  3. Australian central bank hacked? Not so much.  @ RedCert.com
  4. Business leaders urged to step-up to cyber threat
  5. 10 Steps to Cyber Security – Executive Companion: BIS:CPNI
  6. Get Safe Online website


Related Posts
Read More

2013 Action Plan for Jobs & Business On-line Voucher

Today the Taoiseach, the Tánaiste and the Jobs & Enterprise Minister  launched the government's Action Plan for Jobs 2013, the next step in the Government’s plan to rebuild the economy and accelerate the transition to a sustainable, jobs-rich economy based on enterprise, innovation and exports. The Plan contains 333 actions to be implemented in 2013 by 16 Government Departments and 46 agencies.  It has a significant technology element to it - ICT Skills and Big Data get specific focus having consideration for how they can impact the Irish economy in a positive way.
Read More

Fingal Enterprise Week 2012

​I spoke about how disruptive technology is changing things for both the consumer and consequentially the SME. The single message that I hoped to leave attendees with was 'think mobile'. With mobile devices accounting for at least 20% of internet traffic now, and we're told these mobile users are more likely to buy, it's critical that business owners prepare themselves to deal with the mobile customer. Why?

Read More

Open data, does not mean losing our data. Get it?

Not much time passes between reports of another authority, company or agency losing someone's data. Spying or intelligence agencies nosing around your data is one thing, I'm referring to how people are losing our data the old fashioned way; laptop, train home, oops. Laptops, tablets and USB keys - all of them it seems appear to be dropping out of sight, and control at an alarming rate the world over. I know we live in the era of open data - but someone needs to explain that means sharing data, not leaving it in a pub lavatory.