A good talk about the risks and realities that small businesses face in the cyber domain.
SME are basically not doing enough and are expecting someone to do cyber for them.
There was a nice breakdown of wannacry and its effects on SME in the UK, and the ‘Not Petya’ attack a few weeks later (eg maersk could only communicate via WhatsApp) 10bn lost, 2000 businesses impacted, but UK was minimally affected
Moving on to mitigation and preparedness, pretty much make sure you have the basics covered – password policies, patched, up to date systems, awareness around phishing etc
Impact for SME is legal, monitary and reputational.
We have to manage cyber as we mange any other risk.
Leading on to the cyber essentials scheme…