Is your business cyber secure?
At the risk of stating the obvious, cyber security – protecting business, supplier and customer data from nasty and damaging digital intruders, should now be a high priority for every organisation. As a discipline up there with delivering products and services, it’s probably fair to say that most of us should be doing more in terms of cyber security. The risks and consequences cannot be underestimated and clearly, the problem is not going to go away anytime soon.
We know that digital technologies have a lot of upsides. But this flip side needs to be addressed firmly, with commensurate force and commitment.
No longer an ‘if’ question, cyber-crime is undoubtedly a ‘when’. Following a recent survey, one chamber of commerce reported that around 55% of firms in a single county have been hit in the past two years. In terms of business risks and associated consequences, this one is enough to send shivers like none other.
A breach in security can easily have massive and destructive consequences to a business. From incalculable reputational damage and substantial financial losses, through to legal, regulatory and contractual breaches; an attack could ultimately cause business failure.
Every time a large corporate, Talk Talk for example, gets breached, there’s no place for “lucky old us, we weren’t the victim”, relief. More so these should be very pointed wake-up calls that the “next time it could be us”. The odds are shortening all the time and it’s imperative to ensure that all the ‘locks and alarms’ are kept in tip top condition.
Being very afraid is ok – while at the same time ensuring that the business can continue operationally is also essential. We mustn’t let the cyber villains win. Let alone revert to ‘anologue’ ways and means of trading.
In terms of security, a good place to start is to ensure the basics are firmly in place. Fully maintained anti-virus provisions are probably number one. Best practice password disciplines are equally fundamental and increasingly vital. It’s important to provide remind everyone in the business how to spot a possible inbound attack and what to do if they see something even remotely suspicious. Nurture a ‘think guilty until proven innocent’ doctrine insofar as is practical, could be a business life-saver.
We see reputable organisations being convincingly impersonated with corporate graphics and head office addresses, but looking closely (without clicking on anything), usually reveals the sinister truth. In short, checking sources and email addresses for legitimacy should become second nature. Thankfully, most inbound emails come from known people or organisations – which should make things a little easier and ease a state of utter paranoia.
To put things into context : whilst it’s de rigour to test our fire alarms regularly – despite minimal odds of a real situation – what about cyber security? Not quite so easy, but given the heightened probabilities for a cyber-crime, defences should at least comprise an action plan to review, ideally enhance business data security.
Processes should cover how to respond in the event of an attack and key to mitigating the situation and recovering from any losses.
In short, no one should take the eye off the unpredictable cyber-crime ball. One day it will bounce right where it could so easily hurt your business, your customers and trading partners, very badly.
By way of footnote, we are currently working on a number of initiatives to help our customers protect their businesses from cyber attack. Do get in touch and we will be very pleased to tell you more.