Most small businesses have had a security breach. Have you?

Most small businesses have had a security breach. Have you?

If government statistics are accurate, even the smallest companies need to give serious thought to IT security. That's because official figures show 76% of small businesses have reported a cyber-breach in the last year alone.

You can tell the government is alarmed by the statistics, because it has decided to establish a 'Cyber Reserve' force to deal with the security threats posed by online crime. It's uncertain what this means in practice, as the details won't be revealed until next year.

However, it should signal a more co-ordinated approach to combating cyber-crime, with the goverment recruiting experts to fight back against sophisticated hackers and fraudsters.

Although things have moved on considerably since this 2006 report found internet fraud was slipping through policing procedures, it still sometimes seems like online criminals are several steps ahead of the authorities.

Your business is at risk. Really.

Just in case the message hasn't sunk in yet, let's make it absolutely clear: your business could be a target for online criminals.

We recently spoke to security expert Don Smith who explained that smaller companies often find themselves singled out in online attacks because they're seen as soft targets:

“More and more smaller companies are being attacked by cyber criminals, yet many still hold the view that they are too small to be targeted."

"If they have any public profile – if they’ve been in the news, for instance - then they can be a soft target. They also might get targeted if they handle the intellectual property of big clients, for example, a creative agency working on a big account."

“This leaves small organisations vulnerable to a number of risks, including attacks, data loss, service disruptions and reputation damage. Just like larger enterprises, small businesses need visibility into the threats that face their organisation.”

Clearly, that begs the question: what should you do about it? Hopefully, you'll have got the basics right. You'll be protecting your network with a firewall, and each individual computer and server in your business will have its own firewall too.

You should definitely be running security software too (try Norton Internet Security, McAfee All Access or ESET).

But to really get a grip on your IT security, you need to spend a little time on security planning. The first stage is to identify your most valuable data, so you can find ways to protec it.

It's worth reading the full interview with Don to understand a bit more about the security issues your company could face. We also have some really useful information about putting a security plan together and assessing the risks your business faces.

With just a little preparation, you can reduce the chance of your business becoming another IT security statistic.

• Staying safe in the changing world of IT
• Simple IT security for smaller companies
• Five mistakes you could be making with your IT security

(Police lantern image: conner395 on Flickr.)