October 2017 is the fifth annual Cyber Security Month (CyberSecMonth), a campaign that is working to raise awareness of cyber security threats among businesses and individuals.

As part of this, SALT.agency is carrying out one interview a week with cyber security experts across the world.

In our first blog we spoke to the Dorset Police Cyber Crime Unit.

This week we’re speaking to Dr Mils Hills, Associate Professor in Risk, Resilience and Corporate Security at the University of Northampton Business School:

We’re seeing an increasing amount of businesses becoming aware of cybercrime, in light of cyber security awareness week, do you think that smaller businesses pay enough attention to the risks?

Smaller businesses are definitely getting the message – not only that cyber security matters, but also that simple things can make them harder targets.

Talking with and training staff (including using great free advice and toolkits from government and trade bodies) means that machines will have software patches updated; fewer phishing and other scam emails and telephone calls will be successful and unusual activity on computers, by others in the workplace, visitors and contractors will increasingly be spotted, reported and acted on.

What advice would you give the average business owner in regards to protecting his company from cyber threats?

The average small business owner should start by understanding that they can probably take care of the vast majority of their cyber (and cyber-enabled) risk themselves.

Expensive consultancies will offer all sorts of services, hardly any of these will be of use.

Small businesses best understand their exposures, appetite for risk and business process.

Self-education about key and emerging threats, technology dependencies and what to do about them can be had from objective, free sources such as the government’s Centre for the Protection of the National Infrastructure (CPNI, National Cyber Security Centre, Cyber Essentials Programme).

With cyber security becoming much more of a conversation topic, do you feel that students at the University of Northampton have taken a greater interest in it over the past few years?

Supported by organisations such as Barclay’s ‘Digital Eagles’, our students now have the ability to upskill in cyber and other security issues which will be part and parcel of their lives. They get a competitive advantage from knowing about and not being scared by cyber risk.

As a ‘Changemaker’ university, we are aware of the effects that formal and wider education and confidence can have on our students – of all ages – and their families and friends, and support them in developing key workplace, social and lifeskills – such as cyber and personal security.

Education is important, and we’re seeing children becoming ever more involved in learning about digital security, how important do you feel that is for the future?

Although computers are ubiquitous for children, understanding the risks associated with technical and human threats that arise from them is not.

There is a careful balance to be struck without instilling crippling fear into children – a guarded openness is sensible and pragmatic, as it is to all other risks in life.