With the UK parliament’s second reading of the Online Safety Bill taking place last month, it’s a good time to think carefully about what online security means in our current digital age.

And as it’s Cyber Month here at TechSPARK, industry-leading managed hosting provider Cloudways wants to share vital advice on why cybersecurity matters so much, what businesses should do to adapt, how the aforementioned Cloudways services could help.

Whilst it’s too early to tell what the result of the online security bill will be, these milestone readings clearly reflect the severity of cybersecurity issues.

And regardless of what happens, the rising awareness of what can go wrong for the average internet user is already influencing the behaviour of website owners. In particular, it’s online businesses that must be wary, with companies at risk of alienating their customer bases.

Much has been written about cybersecurity since the early days of the web, but there’s no denying that the stakes are now higher than ever before, especially as we share more and more personal information online. Further still, the growth of YMTL (your money or your life) sites, the gradual diminishment of brick-and-mortar retail, and the proliferation of online misinformation are all factors that make the case for strong online security even more important.

Spotting opportunities to profit, unscrupulous individuals and organisations have escalated their efforts to exploit vulnerabilities in online systems, whether they’re using exploits from outdated software or attempting social engineering to take advantage of unsuspecting users.

So, how can businesses protect their online profiles and, crucially, protect the data of their customers?

There are two main ways in which businesses can adapt. The first involves relying on employee expertise, assembling teams of cybersecurity experts to manually monitor and maintain their systems. However, for many SMBs this can be too expensive, complicated, and increasingly impractical due to a dearth of qualified professionals.

The second, more realistic, solution for the average SME, involves implementing cloud services that have the required security features and limitations baked in. This is much more cost-effective and doesn’t need companies to understand the technicalities behind the technology, just rest assured that your website is being protected.

But what targets are they trying to reach?

The letter (and spirit) of cybersecurity legislation

Even if we temporarily leave aside the demands that may result from the implementation of the Online Safety Bill, we must contend with two key established areas of compliance: PCI (Payment Card Industry) and GDPR (the General Data Protection Regulation).

While the GDPR is a piece of EU legislation, applying to businesses based in the EU and EU customers of non-EU businesses, its arrival set a standard that the rest of the world is now expected to meet. In general, it’s better to focus on delivering worthwhile cybersecurity instead of just meeting expectations: better for customers, and better for loyalty.

Both payment and data compliance require websites to closely guard against unauthorised access and minimise their storage of financial information. This is something that a CDN like Cloudflare can help with: routing all activity through a protected system obscures it and makes it all but impossible for hackers to interfere.

What should you do to protect your customers?

There are five key actions that a modern business should take to protect its customers:

  1. Guard against social engineering tactics. The more you commit to system-level security, the more you nudge potential hackers towards targeting your employees, and they need to be ready. Covering tactics including phishing, pretexting and tailgating will teach them how to operate securely on a consistent basis.

  2. Invest in customer data and password encryption. In the unlikely event that someone gains access to your data, they shouldn’t be able to usefully interpret it. Using a strong firewall will block common threats and attacks aiming to steal your data.

  3. Keep all software updated and cooperating. The longer a software version is in use, the more likely it is that a vulnerability will be uncovered. Updating your core software whenever possible (along with any themes and plugins) is essential.

  4. Have comprehensive backups in place. If something goes awry and you fear that you’ve experienced data loss or your website has been injected with malware, you mustn’t continue in the hope that you can fix it. Instead, you should revert to a trusted backup.

  5. Communicate clearly and honestly. Your customers rely on you when it comes to cybersecurity. If data ever leaks, it’ll be your responsibility to inform them so they can take appropriate action (changing their passwords, for instance). Staying quiet isn’t advisable since they’ll find out eventually and will feel aggrieved by your silence.

How the Cloudways/Cloudflare integration could improve your online security

Three of the five key actions we’ve identified involve system-level protections. Cloudways already offered a superlative managed hosting experience, so the free and easy addition of paid-tier Cloudflare features has established a compelling hosting package. Deploying this system gives you an optimised blend of speed, reliability, accessibility, and security.

Santi Costa, Chief Marketing Officer at Cloudways, tells us, “Even if there were enough cybersecurity professionals to cover all threats, they wouldn’t be affordable for typical SMEs. This puts the onus on system-level security. Our objective with Cloudways has always been to take care of key concerns — including (but not limited to) security — so even the smallest companies can deliver exceptional user experiences without enormously increasing their costs or adding to their daily workloads.

“Following the launch of our Cloudflare integration, we’re more confident than ever that we bring more to the table than our competitors. Our customers can now proceed with the knowledge that their systems will protect their sensitive data and deflect online attacks, and they don’t need to pay anything more for this improvement.”

With the Online Safety Bill being floated in the UK, and comparable pieces of legislation cropping up elsewhere in the world, it’s clear that cybersecurity standards are only going to increase in the coming years. To stave off attacks and keep up with the competition, businesses everywhere must invest their time and resources accordingly.

Shona Wright

Shona covers all things editorial at TechSPARK. She publishes news articles, interviews and features about our fantastic tech and digital ecosystem, working with startups and scaleups to spread the word about the cool things they're up to. She also oversees TechSPARK's social media, sharing the latest updates on everything from investment news to green tech meetups and inspirational stories.