5 Cybersecurity Threats Faced By Small Businesses Today.

Small businesses are increasingly becoming targets for cybercriminals who see them as easy targets due to their often-limited cybersecurity resources. In fact, a recent study found that over half of small businesses have experienced a cyber-attack in the past year alone.

With more employees working remotely and relying on digital tools in order to carry out their job, the risk of cyberattacks has never been higher. In this blog post we’ll explore 5 cybersecurity threats facing small businesses today and provide tips on how you can best protect your business from threats such as these.

Cybersecurity Phishing Attacks

Phishing attacks are a type of social engineering attack where attackers, scammers or hackers trick people into giving away sensitive information by posing as a trustworthy entity.

These attacks can take many forms such as emails where users are enticed to click on a malicious link or file, phone calls where people are encouraged to provide their internet banking information or passwords and now, even text messages can include links and downloads for malicious files – with being so varied, they can often be difficult to detect.

Phishing attacks are the biggest and most widespread threat facing small businesses. Over the years, we have seen phishing attacks becoming much more sophisticated along with the growth in technology such as AI, and due to the fact they use social engineering to target humans within the business rather than the businesses technological weaknesses, unless you are aware of this type of attack, they can be difficult to combat. There are, however, a number of ways you can look to prevent falling prey.

  • Cybersecurity Training

Training and awareness can be a huge help to protecting your business from phishing. Educating your employees and providing training which helps them to identify phishing emails such as looking out for spelling errors, and ensuring they understand the importance of verifying senders email address of who they are speaking to on the phone is a great first step in protecting business assets.

  • Multi Factor Authentication

Multi-factor authentication (MFA) is very important when it comes to
mitigating the risks of phishing. As discussed in our previous blog post, MFA applies an extra layer of security to the authentication process when users attempt to log into an account. This is commonly delivered as a SMS-code, or a biometric check such as a fingerprint or FaceID. With MFA in place, if an attacker is able to compromise the account name or password using their phishing methods – they would still fall short when met with this second layer of security.

  • Keep Software Up To Date

Installing anti phishing software and keeping software including your web browser up to date with the latest security patches and updates can help prevent hackers exploiting vulnerabilities.


Ransomware is a malware that encrypts a victims files and demands payment in exchange for the decryption key. Small businesses are particularly vulnerable to this type of attack because they often lack the funds needed to recover from such an attack, or to even pay the initial ransom in the first place. Ransomware can be devastating in many ways including the risk of lost data, financial loss, downtime in the business while dealing with the attack and potential fines for non-regulatory compliance if sensitive data is affected or accessed. There are ways that businesses can protect themselves from such attacks,

  • Back Up Data

Regularly backing up business data to a secure location that is not connected
to your network can help ensure that data can be recovered in the event of a
ransomware attack. We recommend a cloud storage solution, which you can
read more about on our services page.

  • Anti-Malware Software

Using antimalware software can help detect and prevent ransomware attacks
and can block known ransomware threats while monitoring for suspicious
activity. We can assist you with the installation and updates of this.

  • Develop a Response Plan

Despite best efforts, you may still fall foul to a ransomware attack so it’s best
to be prepared for this eventuality so you can deal with it quickly, and efficiently, should you need to.
A response plan should include steps for isolating infected systems, recovering data from backups and the reporting of attacks to relevant authorities.

Insider Threats

Insider threats refer to a threat that comes from within the organization itself, for example,
through the actions of an employee. This can also include actions from a contractor, third
party vendor who have access to sensitive information. Insider threats can be either intentional, or unintentional, such as through careless behaviour – and run the risk of data breaches, theft and/or sabotage. Insider threats can include data theft, sabotage, fraud, reputation damage and compliance violations.

  • Limit Access

Often in small businesses, the team all have access to files, documentations and information
that perhaps they don’t need access to, in order to complete their jobs. To avoid this, small
businesses may want to consider implementing controls based on individual roles so that
they can more easily manage and monitor the access to sensitive data.

  • Maintain Policies and Provide Training

Businesses should have policies in place in regards to safe data handling and be prepared to
train staff on the handling of such data, as well as best practices in protecting data and files.
Policies can also include the acceptable use of technology such as work laptops and computers. Fraud is a contributor to insider threats and to avoid such risk, regular audits and a policy for reporting suspected fraud should be in place.

  • Remain Compliant

Insider threats can violate regulatory compliance requirements such as HIPAA. To avoid this,
small businesses should also implement procedures and make sure they are aware of regulations. Regulatory compliance requirements may differ in relevance depending on your business industry or clients.

Weak Passwords

Weak or easily guessed passwords continue to be a threat to businesses. Many small
businesses rely on multiple cloud based services such as Dropbox which require different
accounts to log in. These services can contain all sorts of sensitive date, from financial information to
client date. Using easily guessed, common passwords – or the same password across all
accounts, can play a key role in this data being accessed.

Using Multi-Factor Authentication can help with securing accounts, as can using a business password management technology – this sort of platform helps employees manage password for accounts by suggesting strong passwords that are not easily guessed.

Advanced Persistent Threats

Advanced Persistent Threats (ATPs) are a type of cyber attack that are designed to gain
unauthorized access to a network or system and remain undetected for a long period of
time. ATPs are usually carried out by highly skilled and well-funded attackers, such as
criminal organisations. ATPs can be devastating for small businesses due to the loss of data,
and damage reputation. There are steps that can be taken to protect about ATPs including:

  • Network Segmentation

Using network segmentation can isolate sensitive data and systems from the rest of the
network, this will allow you to limit the impact of a successful attack.

  • Monitor Network Traffic

Monitor tour network for signs of suspicious activity, such as a large amounts of data
transferred to external sources or unusual log in patterns.

  • Regular Security Audits

Conduct regular audits to identify vulnerabilities and weaknesses in the system which will
allow you to act on issues promptly to help mitigate an attack.

Final thoughts on cybersecurity threats faced by small businesses

Although advancements in technology is causing more sneaky cybersecurity attacks, the
good news is that businesses have many options out there which can help protect them
from attacks, or from the severity of the attacks.

We hope that this blog has got you thinking about your own business security, and if there
are any IT support areas we can help you with – reach out to us today!


Abbie McCahill

“As a small team, time at work can be quite precious so when there’s a glitch with a laptop or a computer, it can really be a nightmare. Prior to us having sfG Software to support us, if one of the laptops was playing up, I’d invariably get asked to look at it and the downtime involved would usually be significant. Now, we pay sfG a very reasonable monthly retainer and if anything goes wrong with any of our equipment, we’re all safe in the knowledge that we can pick up the phone to or raise a ticket with one of the experienced engineers and the problem will be sorted out with minimal disruption. I really wouldn’t hesitate to recommend sfG to any customers or associates and I’m really grateful to have sfG Software as an extended arm of our team! Thanks again for supporting us so well!”

Abbie McCahill, Managing Director
Adder Business Ltd, Inverness

Tony Lister

“Having just signed up to get sfG Software to look after our IT needs, I wanted to thank you and your team for what has been an exceptional onboarding process. Andy is a good listener and has very quickly helped increase our understanding of the benefits of Office 365 and helped set up our systems to work more effectively. We have already agreed a gameplan for further improvements and are delighted with his expertise and knowledge. We are confident that as our company expands, we have the right people in place to look after our systems and would happily recommend sfG Software to anyone wanting assistance with their IT needs. We look forward to working with sfG Software for many years to come.”

Tony Lister, Director
Hamish Homes, Inverness

Stewart Nicol

“We’re delighted with all aspects of the service we receive from all of the sfG team. The Helpdesk are particularly responsive to any requests we make of them and we’re kept well up to date on how the service is performing for us. It’s good to be able to endorse someone who is doing a great job for us. Keep up the good work!”

Stewart Nicol, Chief Executive
Inverness Chamber of Commerce

Highland Hospice

“Your response was great including the swift site response and working through the situation to resolution. You clearly identified the fault, where the issue was and put future mitigations in place. All this reinforces our confidence in sfG providing IT support to the Hospice.”

Highland Hospice

Scott Anderson

“Can I also take this opportunity to say that every time we deal with sfG we are always impressed at the speedy, helpful and efficient response we get. In this post-covid day and age I am finding it increasingly difficult to find suppliers who live up to their word, but sfG always deliver.”

Scott Anderson
Masson Cairns Solicitors and Estate Agents

Freda Newton

“I am often reluctant to give references in case it all goes wrong but I have to say that the support from sfG has been the best that we have had and I feel that our systems are much more robust and professional having listened to their advice.”

Freda Newton, Managing Director
Jacobite Cruises, Inverness

Louise Allen

“We started working with sfG in December 2011. We had been used to a very personal and responsive service from a sole trader, but we had outgrown this service and went out to tender. sfG won the tender convincingly, offering a blend of the personal approach we’d been used to and the capabilities and expertise of a bigger organisation.

We had a number of network issues that needed to be addressed, and we completed these within the first year of our partnership with sfG. They guided us through this work and achieved a good balance between letting us get on with what we could do for ourselves and stepping in to help. This allowed us to keep costs to a minimum, whilst ensuring that the work was carried out efficiently and effectively, with minimum disruption to the business.

They have been generous with their knowledge and we are developing our own competency through working in partnership with them. They provide us with an ongoing monthly support service, through which they carry out regular monthly updates and monitoring remotely.

On the occasions we have needed advice or attention on site, they have responded in a timely manner, appropriate to the severity of the problem. Our network is now much more robust and our support costs are predictable and well managed. We have found all the members of the sfG team a pleasure to work with.”

Louise Allen, Finance and Administration Manager
Eden Court, Inverness

Scott Murray

“We have been working with sfG for a number of years now, and have found their service to be attentive and efficient. Nothing is too much hassle, and if they can’t do something they are happy to make a recommendation for someone who can. Their pricing is great and, unlike some companies, we have never had a bill for “extras” that weren’t discussed before a project. All in all, a great bunch of guys to work with.”

Scott Murray, Managing Director
Cru Holdings

David Brookfield

“My experience of IT support companies was that they were broadly all the same and all very mediocre. Since moving our business to sfG I have changed my view entirely.

The changeover from our previous providers was seamless and since then the support we have received has been excellent. The personnel at sfG are very easy to speak to. We receive almost instant responses to our needs and help is provided even if the issue isn’t directly within their remit.

We are kept up to date with our usage and spend via the monthly activity reports which provide excellent statistics for our Board and all at a very competitive price. sfG are certainly a cut above the norm in the IT Support industry.”

David Brookfield, Head of Finance and IT

Mike Ayres

“sfG have provided IT support services to HighWater since 2011. The broad range of technical capabilities provided by their patient and dedicated support staff ensures that they are always able to respond to our needs in a timely and efficient manner. The accurate data provided by their support desk system ensures that they are able to provide HighWater with a tailored, cost-effective IT support package designed to suit the size and complexity of our company. sfG’s staff have gone above and beyond the level of support that I have typically experienced from other companies when we have had unforeseen out-of-hours IT problems. In summary, I couldn’t recommend them highly enough!”

Mike Ayres, Managing Director

Dan Rose-Bristow

“We have used sfG now since 2015 and have always found the service to be friendly and professional. They cover periodic maintenance, ad hoc issues as well as upgrade installations. They often work with 3rd party suppliers and always facilitate any issues that this can bring. sfG look after our Office 365, server and networking, PC maintenance, switches and access points, wireless infrastructure, EPOS hardware and cyber security. I would highly recommend them as a business to work with and we appreciate the service they provide for us”

Dan Rose-Bristow, Owner
The Torridon

Sarah Fowler

“We’re a small charity that has muddled by without any formal IT support for many years, with frustrations and glitches ever growing! Our IT had really started to hold us back and interfere with our day to day work. It took around a year from us initially contacting sfG for us to finally take the leap and enter into an SLA. During that time they were incredibly patient, understanding and always happy to answer any questions we had. We’ve now made the move to Office 365, supported by sfG every step of the way. There’s lots still to do but they’re happy to work with us, at a pace that suits the team, so everyone can get used to changes gradually and avoid any additional pressures. I have no hesitation in reccommending sfG.”

Sarah Fowler, Chief Officer

Jennifer MacLeod

“We were delighted to find sfG. After many years of various IT companies, we are now in a stable position with all our IT standardised. sfG staff are so helpful and efficient, always at the end of the phone to help. No issue too big or too small, always happy to help.”

Jennifer MacLeod
Stòras Uibhist

John Gell

“It’s invaluable having the team at sfG only a phone call away. Any PC-related issues are resolved quickly and with a minimum of intrusion, while server maintenance is carried out remotely as a background operation. I can’t recommend them highly enough”

John Gell, Director
Simply Let

Sarah Woodcock

“HSPC have been working with sfG for over a year, in that year sfG have helped create a new database for the business, this has made an incredible difference to work efficacy. All work processes are improved. The cost was very competitive too. sfG now also provide ongoing IT support for HSPC, this too has been faultless – round the clock friendly affordable expertise; this means we can focus on what we do best and not have to get tied up with anything when any IT problems arise, the numbers of problems are also much reduced because they set the system up well in the first place and have all the security and back up in place. We are delighted we chose sfG”

Sarah Woodcock, Manager
HSPC (Highland Solicitors Property Centre), Inverness

Ian Nicoll

“You certainly seem to be the best of the IT people we have used so far.”

Ian Nicoll
Qmulus Ltd, Inverness

Brenda Dunthorne

“sfG have provided us with IT support for a number of years and we are always very pleased with their response time and the outcome of their advice. In addition sfG have supported us in some complex bespoke software developments which demonstrated their skills and determination to achieve the desired outcome. The sfG staff are always very polite and a pleasure to work with.”

Brenda Dunthorne, Director
In Your Element

Ed Ley-Wilson

“The differences, so far, between your service and our previous experiences over the last twelve years, are firstly that you provide a proactive service and secondly you do what you say you are going to do. So far, this is certainly setting sfG apart from the ‘others'”

Ed Ley-Wilson
Leah Ley-Wilson Recruitment, Inverness-shire

Charlie Bullock

“sfG gives us far more than any other IT provider would have done. We feel in control of everything, from service levels to performance to monthly costs. It is easy for us to log and track issues, problems are solved quickly and the costs are kept low.”

Charlie Bullock, Operations Director
Aquascot Ltd, Alness, Ross-shire

Sarah Mackay

“Appointing sfG has been a wise business move for us at Canonbury Interiors. Now sfG handle all our IT issues, we are free to focus on our clients and what we do best.”

Sarah Mackay, Managing Director
Canonbury Interiors

Paul Wood

“We’ve been using sfG software for many years now for our back-office, server and IT support. Their fast, knowledgeable and reliable service has ensured IT failures and niggling computer problems are all, fortunately, a thing of the past!”

Paul Wood, Managing Director
West Highland Publishing Company

Audrey Hogan

“sfG deals very efficiently with all our IT requirements. It’s a pleasure to deal with such a friendly company.”

Audrey Hogan, Director
Caley Cruisers, Inverness

Rod Michie

“sfG Software were the only company in the Highlands that could provide us with 7 day a week cover, which is essential for our business. They have completely updated our systems and have constantly impressed us with how responsive, professional and helpful they are.”

Rod Michie, Director
Jacobite Cruises, Inverness

Stephen Gibson

“In short, we are absolutely delighted with the service provided by sfG and I would strongly recommend them for your own business.

sfG also made us aware of a programme offering donated technology products to UK charities from partners such as Microsoft and Cisco. Using our charity status we were able to purchase software licences and other products at a staggering discount, literally saving us £ thousands. You could say that this saving alone has paid for our IT support service for the next 2 or 3 years!”

Stephen Gibson, Financial Controller
The Shirlie Project, Inverness & Fort William

Dave McLaughlin

“As with most modern businesses we have become totally dependent on IT systems in all areas. Any break in service has a direct cost impact. We have been working with sfG for many years and their support is critical to our business. I would highly recommend their professional service.”

Dave McLaughlin, Managing Director,
Shandwick Supply Co

Daniel Murdoch

“We have been with sfG for just over a year now and their customer service has been first class from the first minute.  Initially, we probably weren’t their ideal client as we were just starting out, however during the first year of a business, the last thing you want to be worrying about is IT.  With a number of new employees and systems coming in throughout the year, sfG have been on top of all our needs and requirements.  Their response to any issue or query is within minutes and any issues which do arise are resolved well within their SLAs.  Their charging structure is very fair which sees us never overpaying for support which we don’t require or use throughout the year.  The team are all very friendly, personable and are quick to come and see us in person if required.”

Daniel Murdoch, Financial Planner
57 North Financial Planning

Bruce Farrell

“Without the help and support from sfG, I would still be staring at a screen now scratching my head.
The support they offer is above and beyond normal.
Extremely friendly staff, very understanding.
We required a specific bit of work done for our company and Andy was extremely helpful and did work behind the scenes that was outstanding.

The work he did will now save us hours of work.”

Bruce Farrell, Rope Access Technical Authority
Ethos Inspection Solutions