CYBERSECURITY
“We saw an attack where someone got a new job,” Wood recalls. “The hackers found them on LinkedIn, pretended to be their boss, and tricked them into sending sensitive info.” Even sophisticated firms get hit. “We recently worked with a company that had IT support for 25 years,” says Wood. “Not one system met the basic cybersecurity standards. They ended up needing a £30,000 refresh.” For small builders, it’s about doing the basics right. Where to start Getting certified might sound daunting, especially if you’re not tech-savvy. But support is available. “The Cyber Advisor Scheme is a great place to begin,” Wood says. “They’ll review your set-up at a reduced cost and tell you exactly what needs fixing.” With some help, most small firms can complete Cyber Essentials for under £2,000. It’s an investment, but likely less costly than being a victim of fraud. “There’s also the supply chain factor,” Wood adds. “Larger contractors and public bodies are starting to require Cyber Essentials from their subcontractors. If you don’t have it, you might be losing work without even knowing.” Sadly, Wood says, it’s not a question of if but when you’ll be attacked. “Even with all our own protections, we still get targeted. But the difference is we’re ready. We’ve got back-ups. We’ve got systems in place. That means we recover quickly, and it doesn’t destroy the business.” Cybercrime is evolving. The old scams are long gone. Now, often powered by AI, attackers are sophisticated and convincing. The tools used to target governments and corporations are now being aimed at sole traders. “This is the part that keeps me up at night,” says Wood. “As a business owner, the fear of a cyberattack is real. I know it could impact my family, my team, and my clients. “You work too hard for every penny. This is about protecting your livelihood and your future.” Cyber Essentials won’t stop every threat. But it’ll give you a fighting chance, and help you to recover faster.
Five Cyber Essentials every builder needs 1 Upgrade your email – free accounts such as Hotmail or BT are a magnet for scammers. Use a domain-based email (for example; info@brilliantbuilder.co.uk) with proper authentication. 2 Turn on two-factor authentication – it’s simple and reduces risk. 3 Back up your data – cloud back-up is an option but an external provider that stores data securely and separately is best. 4 Separate work and personal – don’t use the same device to send invoices and watch YouTube with the kids. Mixing devices puts data at risk. 5 Update your software – always install updates as they often fix vulnerabilities hackers know to exploit.
So how important is Cyber Essentials for winning work? Well, it depends. Wood points out that a couple renovating their home, for example, will likely not know about it nor require you to have it. But that doesn’t mean you should disregard it immediately – especially if you work on larger projects and in the public sector. Strengthening your position Nevertheless, it can be an effective tool to protect your business. Most small builders don’t have dedicated IT support, which increases vulnerability. “I’ve had builders send me invoices via WhatsApp,” says Wood. “If something looked off, I’d call them before transferring money. But not everyone does that. If a hacker gets in and starts impersonating you, clients might pay them without question.” Wood says it happens to businesses every day – 7.78 million UK businesses
were attacked in 2023. It’s not just money at stake. One bad breach and your reputation could suffer. “People will go straight to Facebook or Trustpilot,” Wood warns. “Suddenly your business is associated with fraud – even though you were the victim.” It’s not always obvious when you’ve been hacked. Many attacks rely on subtle tactics known as social engineering. Criminals might pose as your supplier, a client, or even someone from your team.
25
Master Builder
www.fmb.org.uk
Image: Shutterstock
Made with FlippingBook - professional solution for displaying marketing and sales documents online