Over the past few decades, technology has become an increasingly integral aspect of the workplace.
From emails and financial transactions to networking and collaborative work documents, businesses rely on technology to be connected at all times. However, when these lines of communication are compromised, it can have a disastrous effect on the business.
We are living in a far more technologically advanced society than we were a decade ago. To put things into perspective, the iPad has only been around since 2010, and the iPhone a few years before that. With the hugely increased speeds in broadband over the last 10 years, businesses can do more than ever online.
These days, most businesses rely on things like online document sharing, email across multiple devices and databases accessible from anywhere.
This rise in the widespread use of technology brought with it a rise in cybercrime. According to the Cyber Security Breaches Survey, almost half (43%) of all UK businesses had reported cyber security breaches or attacks in the last year. These data breaches have resulted in lost files, software, system or website corruption, and even loss of assets or intellectual property.
The most common cybersecurity threats include social engineering, which is scammers impersonating businesses to send out fraudulent “phishing” emails with viruses and malware.
With the implementation of GDPR (General Data Protection Regulations) in May last year, businesses must report any breaches to the ICO (Information Commissioner’s Office). This saw dramatically increased fines, which could also mean the average cost of data breaches rise even further in the coming years.
Over the past few years, we have seen so pretty big names get hacked, data stolen and as a result, reputations permanently damaged.
Cambridge Analytica used Facebook to illegally harvested 87 million users profile’s, political beliefs, friend networks and private messages without users consent.
A third party exposed 100 million users names, email addresses, hashed passwords, profile data, public and non-public actions.
The UK National Health Service (NHS)
Was temporarily brought to its knees during a ransomware attack, resulting in cancelled operations and considerable clean-up costs. This specific attack became particularly embarrassing for the UK government when it emerged that “basic IT security” could have prevented it.
These are just a few of the breaches that made it into the news, but it’s important to remember that there are so many more that don’t make it into the headlines that affect companies big and small.
According to an article written by Director of Information Security and Compliance, Kaufman Rossin, there are now over 4000 ransomware hacks every single day. In this day and age, no one is untouchable when it comes to cybercrime – which is why proper security measures need to be put in place to protect your business and its reputation.
It is estimated that by 2021, the global cost of cyber attacks will amount to 6 trillion per year.
Cybercrime now accounts for more than 50% of all crimes in the UK (National Crime Agency)
Malicious hackers are now attacking computers and networks at a rate of one attack every 39 seconds (University of Maryland)
8% of surveyed organisations were aﬀected by a successful cyberattack in 2018 (Imperva 2019 Cyberthreat Defense Report)
If you’ve made it this far without cyber threats to your business, the 54% of firms had their data compromised last year suggests you could be targeted very soon.
It’s estimated that the average cost of recovering from a cyber attack is 5 million. If you run a smaller business, this might seem like an enormous figure, but these things are proportional. Most small businesses could be completely taken out by a bill of £50,000, which brings us to our final statistic; 60% of small businesses who experience a major cybercrime incident go out of business shortly after.
So, by now you should be able to answer “why is cybersecurity important?” with ease, but what can you do fight against cybercriminals?
Understand the risk
Firstly, you need to be clear about what you want to protect. This can be as simple as listing out the devices and systems that are vulnerable to attack (all of them). What software do you use? What current measures do you have in place and how old are they?
Train your team
Your staff are the first line of defence against cyber threats. Have strong, unique passwords for each account, every desktop and mobile device should be passworded as should business accounts. Educate staff on phishing emails.
Create a cybersecurity policy for your business, including best practices that you expect people to follow, procedures for keeping the employee, vendor, and customer information safe, a requirement under GDPR in any case. You should also include protocols that staff must follow in case there is a breach.
Every IT professional talks about backup, backup, backup. All important information should have a copy, not just on your desktop, but stored in the cloud too and each copy should be secure, and encrypted.
You may have bought some great security software but if it hasn’t been updated for months it will be vulnerable. Make sure everything is regularly updated from operating systems and web browsers to software and staff mobile phones.
Not everybody needs access to everything, even a trusted employee shouldn’t be allowed to access computers and information aren’t authorised to use.
Your company Wi-Fi can be an easy way to access data, if possible, set it up so that the staff don’t know the password. If you want an open Wi-Fi for customers to use, set up a separate network and change the SSID and password regularly. Employee’s personal phones and devices should use this network, isolated from your business-critical systems.
Cybersecurity at its most basic means of protecting your electronic devices and the information that is stored on these devices and is a critical business requirement in 2018. If you would like to learn more about how Netitude can help with implementing better cybersecurity for your business, take a look at our Managed Cyber Security Services, or get in touch.