How to protect SMEs from software flaws and Cyber Attacks

Unlocking Cyber Security of SMEs

Unlocking Cyber Security of SMEs

As Cyber Security becomes one of the top priorities for businesses a new UK Government-backed scheme offers free guidance to protect SMEs from software flaws and cyber attacks

Cybersecurity is a now a top matter increasingly relevant to board members and any professionals of SMEs and large corporations. Therefore understanding and mastering the fundamentals of Cyber Security will help any organisation or professional to protect itself from external and internal cyber threats and all its consequences.

In a recent 7 part Guide Introduction to Cybersecurity in Intelligenthq.com Jean Lehmann highlights some useful terms that can be helpful in understanding CyberSecurity, such as: Active attack, Blacklist, Bot, Critical infrastructure, Data breach, Intrusion detection, Key, Malware, Passive attack, Penetration testing, Phishing, Virus. These terms are critical and should be part of the vocabulary of business professionals to be conscious of the reality of cyber security and how hackers are now a real threat to any business.

 In the guide he uses a definition according to Margaret Rouse (2010) to define this term:

Cybersecurity can be defined as the body of technologies, processes and practices designed to protect networks, computers, programs and data from attacks, damage or unauthorized access.

There is no doubt that “Hackers are now more ambitious than ever,” states Mark Anderson, global corporate intelligence leader at PwC. And we are only at the beginning! Things will become more complex and difficult as any business in the world becomes digitalised including reputation, software services, accounting, finance transactions, CVs, and so forth.

Cyber crime is a global concern for businesses and governments and is special an issues in developed countries. Just in UK Cyber attacks issues targeting British businesses have rocketed 130 per cent over the past two years, with the so-called “silver fraudsters” stepping up their fraudulent activity.

The full scale of computer crime in the world and specific in the UK is laid bare in a new investigation by accountancy giant PwC that gives an impressive scale of the crime and also highlights the challenges that ironically range from senior managers dipping their fingers in the digital till cyber crime to large-scale cyber attacks and hacking.

Professional services firm BDO also recently pegged the value of reported fraud in the UK at £1.5bn in 2015, these numbers more than double compared with £720m the year before.

10 Steps To Cyber Security: At-a-glance infographic by GCHQ from UK Government

10 Steps To Cyber Security: At-a-glance infographic by GCHQ from UK Government

UK Government-backed Trustworthy Software Initiative is launching ‘Trustworthy Software Essentials

Aware that many small firms are more and more vulnerable to critical software glitches and cyber-attacks, because they increasingly depend on digital web-based tools for critical business operations but lack the knowledge, time and resources to ensure their software is designed and maintained to a high standard has created some new opportunities by the UK government to try to answer to this.

Therefore the fantastic initiative Government-backed Trustworthy Software Initiative is launching ‘Trustworthy Software Essentials’ a project / program that gives Britain’s small businesses an essential free access to world-leading guidance, drawn up in consultation with Universities, multinationals and Government bodies, on how to reduce software flaws that are undermining SME productivity and security.

In the follow up of a 2015 Government report warning that Britain’s small businesses were putting a third of their revenue at risk, because of failure to take basic security precautions including updating and patching software it was created the Trustworthy Software Initiative.

TSI’s Stakeholder Forum has reviewed and updated this roadmap, now called “TS13″ (TrustworthySoftware roadmap for 2013) :

TSI’s Stakeholder Forum has reviewed and updated this roadmap, now called “TS13″ (TrustworthySoftware roadmap for 2013) :

 

The Trustworthy Software Initiative according to a recent launched PR is part of the UK Government’s National Cyber Security Strategy to improve the UK’s ability to combat cyber risks and ensure that the UK leads the way in trustworthy software systems and expertise.

Trustworthy Software Essentials, modelled on the Government “Cyber Essentials” scheme to protect small firms against cyber threats, will give SMEs free and easy-to-implement guidance based on input from the world’s leading authorities; from Microsoft to the Department for Business Innovation & Skills, to reduce costly software problems and cyber-attacks that exploit insecure software.

Trustworthy Software Essentials includes a video guide and documents available under Open Government License to help SMEs create and maintain secure, high-quality software to a trusted standard at a low cost.

Ian Howles, Executive Director, UK Testing Board, said:

“As we move towards a digital economy, software is becoming a ‘single point of failure’ for many businesses. Software failures can compromise vital services upon which SMEs depend, from online payment services to customer data, while software vulnerabilities can leave them exposed to ransomware or theft of their IP. Trustworthy Software Essentials gives small businesses with little time and resources, free access to world-class guidance to ensure they have software that is safe, functions as and when it should, recovers quickly from errors and is secure against cyber-attack.”

Alastair Revell, Director General of the Institution of Analysts and Programmers added:

“Society is increasingly dependent on millions of lines of code to run everything from our businesses to our vehicles. Yet the quality of software in the UK remains a serious concern and the increasing dependence of companies on badly-designed software is threatening productivity and security. Many small firms simply lack the knowledge and resources to ensure that they are buying trustworthy software or maintaining it to the right standard; for example, 24% of small firms think that cyber security is too expensive to implement and 22% of admit that they ‘don’t know where to start’. Trustworthy Software Essentials gives small companies free and simple-to-use tools designed by leading Universities, major enterprises and government bodies that will dramatically cut the cost of improving the quality of software they rely on.”

The Trustworthy Software Initiative was established in response to UK Government investigations revealing that the widespread prevalence of poor coding practices was threatening the UK economy. It has already provided vital targeted education, standards, skills and guidance to many organisations ranging from SMEs to multinational companies and Air Traffic Control Centres across the UK.

Tony Dyhouse, Stakeholder Director at the Trustworthy Software Initiative, said:

“Trustworthy Software Essentials aims to safeguard Britain’s digital economy by offering businesses basic, cost-effective, guidance to help ensure software failures and vulnerabilities do not harm their profitability, security and reputation. Britain has a serious problem with poorly-designed, insecure software affecting businesses and we have seen numerous incidents where poorly-written software has led to shutdowns of airports, banking services, recalls of vehicles and major cyber-attacks even on large firms.”

System Security Breach - Cyber security Image

System Security Breach – Cyber security Image

About the TSI:

The Trustworthy Software Initiative (TSI) is part of the UK Government’s National Cyber Security Programme to improve the UK’s ability to combat cyber risks and ensure that the UK leads the way in trustworthy software systems and expertise. The objective of TSI is to provide the knowledge, skills and capability for supply, demand and “corpus” (education and research) communities such that trustworthy software can be designed, implemented, sustainably maintained and assured in a risk‐based, whole‐life process.

TSI works with organisations and individuals in the UK, and international partners, including government, academia, private/public companies, software developers and users, to achieve a recognised level of trust of software by providing targeted education, skills, standards and guidance.

For more information about Trustworthy Software Essentials, visit the TSI website here: http://www.uk-tsi.org/

You can access the free ‘Trustworthy Software Essentials’ guidance for businesses here: https://sites.google.com/site/uktsisecondarydownload/

You can watch the Trustworthy Software Essentials video guide for businesses here: https://youtu.be/xRG5pbOiemc