Google and UK National Cyber Security Centre (NCSC) offer free cybersecurity training to SMEs for enhanced online protection. Josh Edelson/AFP

In an effort to equip small- to medium-sized enterprises (SMEs) with essential cybersecurity knowledge, Google and the UK National Cyber Security Centre (NCSC) have launched a free training program called 'Improve your online business security.'

The course, which can be accessed online or in person at Google's Digital Garage events across the country, offers valuable insights into cybersecurity best practices and lasts for one hour.

Developed in collaboration with Google's own in-house white hat hackers featured in the cybersecurity series 'Hacking Google', the SME cybersecurity training program draws on the team's expertise in defending the technology company against cyberattacks. The training program aims to address the vulnerability of SMEs to cyber threats, as these businesses often lack the necessary tools and expertise to establish strong cybersecurity measures.

Recent findings from the UK government's 2023 cybersecurity breaches study revealed a concerning trend of senior managers in small businesses perceiving cybersecurity as less of a priority in the current economic context compared to previous years. This shift in perception has led to decreased vigilance in monitoring and logging breaches or attacks. The survey indicated a drop in the percentage of small firms prioritising cybersecurity from 80 per cent in 2022 to 68 per cent this year.

Google's free SME cybersecurity training program consists of four comprehensive lessons that cover various aspects of online security. The lessons include creating a secure online customer experience, securing employee devices, protecting networks, systems, and software, and training employees in online security. The course offers video training, practical advice, and topic-ending tests to strengthen force learning.

Sarah Lyons, NCSC Deputy Director for Economics and Society, spoke on the importance of cybersecurity for SMEs, emphasising the potential repercussions of successful cyberattacks. She said these attacks can be disastrous for businesses, causing severe disruptions to daily operations and, in extreme cases, leading to complete shutdowns.

Lyons firmly encouraged small business owners to take advantage of the training program and explore additional resources offered by the NCSC to fortify their defences against cybercriminals.

The NCSC previously announced the full launch of the Cyber Advisor program in April, which aims to help SMEs meet cybersecurity standards. With 20 approved providers offering services to businesses in need of enhanced security measures, the program focuses on promoting participation in the Cyber Essentials program, which outlines best practices. Future iterations of the Cyber Advisor scheme will concentrate on other cybersecurity best practices.

Catherine H., Head of Assured Professional Schemes, Industry Assurance at NCSC, highlighted the challenges faced by small businesses in allocating resources to cybersecurity. She believes that limited time and financial constraints often hinder their ability to invest in robust security measures. The Cyber Advisors program aims to address these challenges by providing targeted consultancy to small businesses, schools, and charities, helping them secure their networks effectively.

According to a report by VIPRE, the escalating cyber environment poses significant financial risks to small businesses, with high costs associated with being targeted in cyberattacks. The report also highlighted the prevalence of zero-day attacks and the vulnerability of Internet of Things (IoT) devices as ongoing concerns.

Furthermore, VIPRE's study revealed that the financial repercussions of cyberattacks on small businesses can be substantial. In 2022, small businesses with 10 or more employees had an average turnover of £2,802,670, significantly less than the average cost of a data breach, which can exceed £4.5 million, according to the Cost of a Data Breach Report 2022 by IBM/Ponemon Institute, the report further stated.

In a related development, the NCSC has unveiled plans for the launch of the Cyber Incident Response Level 2 scheme. With the announcement of its first delivery partner, the NCSC is now inviting incident response providers to join this groundbreaking initiative.

The expansion of the incident response scheme aims to cater to a wider range of clients, and the NCSC is pleased to introduce CREST as its inaugural Delivery Partner, recognizing the need for collaboration in tackling cyber threats.