Skip to content
  • Home
  • Lorca Live Event
    • Register
    • Agenda
    • Speaker spotlight
    • Live broadcast
  • Workshops
  • Innovators in Residence
  • 2020 Highlights
  • About LORCA
    • LORCA for Enterprise
LORCA Live
29TH - 31ST MARCH 2021
#lorcalive21
  • REGISTER
  • /
  • SIGN IN
  • Home
  • Lorca Live Event
    • Register
    • Agenda
    • Speaker spotlight
    • Live broadcast
  • Workshops
  • Innovators in Residence
  • 2020 Highlights
  • About LORCA
    • LORCA for Enterprise

Education and skills

Back
Partner content
Global Cyber Alliance
Andy Bates

Andy Bates

Executive Director, UK, Middle East and India
Global Cyber Alliance
SHARE ON TWITTER
SHARE ON LINKEDIN

How to make cybersecurity accessible to SMEs

Cybersecurity is often regarded as complex and expensive and a typical SME doesn’t have a full-scale IT department or has totally outsourced IT. Most would never dream of hiring a CISO, and so look at cybersecurity as yet another thing they have to do. To make matters worse, cyber criminals are keen to steal smaller amounts of money from a larger number of people. They’re away from the FTSE/Fortune 100 and towards the SMEs. As a sector, we need to democratise access to cybersecurity so that basic cyber hygiene is not just reserved for big businesses with big budgets. 

Cybersecurity should matter to SMEs because larger businesses (including potential clients) won’t want to engage with a small firm that doesn’t have a positive, accessible cyber status. ISO27001 is a good starting point for medium sized businesses, but out of reach for smaller businesses. 

Cybersecurity should be private, easy to use, multilingual, global and, wherever possible, free. The latter is what the Global Cyber Alliance specialises in, however, there are many other reliable “freemium” services out there. For example, 1.1.1.1 and 8.8.8.8 are free protective DNS services that sit alongside 9.9.9.9 (or Quad9) – created by GCA, PCH & IBM. Quad9 now protects millions of users worldwide and blocks 60 million potential cyber events every day, while the other “quads” are similarly well known.

There is a growing groundswell of opinion that good cybersecurity should not be something which only big business and governments have access to. Similarly it used to be the case that only big businesses provided cybersecurity solutions. We have seen governments get more involved with NCSC in the UK leading the way but also LORCA in the UK, Silicon Valley and Israel are all amongst many initiatives to allow cyber start-ups to flourish in a market which was dominated by big household names. This is important to provide solutions for small businesses by small businesses. The role of the ‘third sector’, charity or NGO’s is also starting to mature, Global Cyber Alliance being one of many alliances working alongside NGO’s like the Cyber Peace Institute and others to bring about cyber hygiene as a right not a luxury commodity.

Don’t make yourself a target: the role of standards 

Cyber criminals also look to these indicators of maturity when searching for easy. At the Global Cyber Alliance, we’re fans of a global standard called DMARC. Without this, anyone can send an email using your corporate email address. Before HMRC implemented this standard, 500 million emails a year were sent in their name initiating phishing emails and fraud. We’ve noticed that when people implement DMARC initially they are amazed at the number of people who are trying to impersonate them. 

However, over several weeks small businesses all notice the same scenario – that criminals impersonate their domains less. In other words, by setting DMARC it’s a beacon to the criminals to demonstrate IT and cyber maturity. Cyber Essentials and ISO27001 also have this effect. However, these badges also help to drive business while spreading the culture of safer SMEs.

RELATED CONTENT

Article / Emerging challenges

Data ethics and the user experience: in conversation with Sports Interactive

22.08.2020
Furlough
Article / Education and skills

To reskill unemployed and furloughed workers for a career in cyber, our sector needs a culture change

09.09.2020
Article / Education and skills

How to develop your app using secure by design principles

09.09.2020
Article / The COVID-19 risk landscape

Watch back: live broadcast with IBM, the Oxford Internet Institute and former GCHQ director Robert Hannigan

15.09.2020
Article / Education and skills

WATCH BACK: LIVE BROADCAST ON TALENT AND DIVERSITY

21.09.2020
Article / Growing UK cyber

Analytics as a startup enabler: Splunk and Accuhealth

13.09.2020
Article / Education and skills

Workshop recording: VIVIDA

18.09.2020
Article / The COVID-19 risk landscape

We ask Darktrace: is AI a threat or an opportunity?

13.09.2020
Article / Growing UK cyber

WATCH BACK: LIVE BROADCAST ON SCALING CYBER STARTUPS AND THE INVESTMENT LANDSCAPE

17.09.2020
Article / Growing UK cyber

How can we rethink diversity in cyber?

17.09.2020
  • Lorka Logo - White
  • BY
  • Plexal logo - white-out
  • Twitter Icon
  • @LORCAcyber

  • #LORCALIVE21

  • Terms & Conditions
  • Privacy Policy
  • Cookie Policy

© 2023 LORCA Live. All rights reserved.

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.