From phishing scams to AI-powered attacks, the cyber threat landscape is evolving rapidly, with no business being immune.
While national headlines often focus on breaches at big-name brands, Gloucestershire’s SMEs are just as, if not more, vulnerable – often without the tools or knowledge to defend themselves.
SoGlos caught up with technical director and IT support expert at System Force IT, Jez Walton, to find out what threats local firms are facing, what simple steps can make a big difference and why AI will never beat a well-trained, dedicated team of IT engineers.
Cyber crime is rising across the UK. What would you say are the specific threats that Gloucestershire businesses are facing right now?
The biggest threat facing Gloucestershire businesses today isn't just the cyber criminals themselves, it's a lack of understanding around cyber security.
Many companies either don't fully grasp the importance of strong digital security or, in some cases, choose not to engage with it until it's too late.
If huge businesses like M&S can be hit by cyber crime, why could SMEs be particularly vulnerable to being targeted by cyber criminals?
While high-profile businesses like M&S make the headlines when they're hit, SMEs can be more frequent targets.
There are three key reasons why:
- Limited resources – most SMEs don't have the resources like dedicated cyber security teams or a budget for security systems.
- Low awareness and training – many SME employees haven't received proper cyber security training, making them more likely to fall for scams.
- False sense of security – some SMEs may believe they're 'too small' to be targeted by hackers.
What are some simple things that Gloucestershire SMEs can do to prevent an attack? Is there a checklist?
There's a range of powerful steps that Gloucestershire SMEs can take right now to improve their cyber defences.
We always recommend attending one of our free cyber security awareness courses for practical advice.
We'd also suggest carrying out a cyber security review within the business. Work to understand what data and systems you hold and where the vulnerabilities may lie.
The most important thing would be to allocate a part of your budget towards gaining a Cyber Essentials Certification. This is a government-backed scheme that sets out a solid baseline for cyber security; covering five essential areas; secure configuration; boundary firewalls and internet gateways; access control; malware protection; and patch management.
Achieving this certification demonstrates to clients, partners and suppliers that you take cyber security seriously.
What role can a managed service provider like System Force IT play in preventing cyber attacks before they happen? Why is this important for SMEs to consider?
The role of System Force IT in preventing attacks is providing the right protection, limiting access and training users on the network.
Monitoring the systems 24/7 with a Security Operations Centre (SOC) is one of the most important steps that can help prevent an attack before it can actually penetrate the network or resources.
System Force IT's SOC's in the UK and the US enables us to respond quickly and efficiently to all security incidents, providing top-level support to clients of all sizes.
Whether it's the middle of the night or a bank holiday, System Force IT's engineers are working behind the scenes, so clients can speak to us at any time.
Can you walk us through the proactive approach System Force IT takes?
We use multiple technologies to help us spot issues – these can be broadband-related, email, server or heat power-related.
There are so many to monitor that we could never list them all!
We monitor all parts of the system, allowing us to identify issues before they affect the client. In most cases, we resolve the problem without the client's involvement which enables business leaders to focus on their own tasks.
With AI-powered threats and scams becoming increasingly sophisticated, how is System Force IT staying ahead of the curve?
It's true that AI is transforming the cyber security landscape.
It's also true that it will cause many issues in the upcoming months or years, but nothing can ever beat a well-trained, well-inspired and dedicated team of individuals trying to provide the best service possible.
What do you predict could be the biggest cyber security challenges for SMEs over the next 12 months?
With the rise of the media covering incidents, the key challenge is to avoid knee-jerk reactions.
Some companies we have heard from have gone out and overspent on security, only to find that they have missed the biggest risk in their organisation: the users.
Users need to be trained to spot issues and know exactly what to do if they do manage to cause an incident.
This is where we can help support and advise.
