Cyber Security: Is Your Business Protected?
It's no secret that cybercrime is on the rise, and it's one of the biggest concerns for businesses in the modern digital age.
Cybercrime on the rise
The UK's National Crime Agency (NCA) has found in their Cyber Crime Assessment 2016
that the accelerating pace of technology and criminal cyber capability is rapidly outpacing UK business' defensive response, leaving vulnerabilities across British industry.
24% of all UK businesses have experienced a breach over the last twelve
months, and for large firms this figure rises to a staggering 65%.
IMAGE: Cyber Security Breaches Survey 2016
Companies still failing to adequately defend themselves
Companies are still failing to build effective defences against the majority of cyber attacks, despite the wide-spread acceptance of cybercrime as one of the most problematic risks for companies today.
There could be a number of reasons for this lack of response, the majority of which probably stem from a lack of education and understanding, as well as a reluctance to spend.
According to the government's Cyber Security Breaches Survey 2016
, only 69% of businesses say that cyber security is a high priority for senior managers, for example, when it should be a priority for all businesses, at all levels. Even with just over two thirds of companies aware of the risks to some extent, only 51% have taken recommended actions to identify cyber risks. This is despite the fact that 24% of UK businesses, and some 65% of large UK firms, detected a cyber security breach or attack in the last year, and 25% of these experience breaches with a frequency of at least once per month.
With attack rates such as these, how are companies still failing to implement appropriate security systems and training?
The impacts of poor cybersecurity can be catastrophic for businesses
Cybersecurity breaches can be costly in a number of ways; beyond the possibilities of damage to reputation with clients and customers, and perhaps regulatory penalties, the financial aspect can be staggering: the average cost of a breach to a large organisation is around £36,500. The most costly breach identified in the survey cost the organisation involved a massive £3million.
The vast majority of attacks can be categorised within two types: infection by a virus/spyware/malware (68%), or impersonation of the organisation (32%). Both of these methods of attack can cause untold damage to the victim: infection by a virus or similar can cause the leak of confidential information and give rise to theft of trade secrets, among other things, while a criminal impersonating an organisation can cause immense damage to the organisation's professional reputation. Despite these vast and insidious threats, only 51% of UK businesses have implemented at least half of the Government's 10 Steps to Cyber Security
, and only 5% have made progress on all ten.
What can companies do?
The first line of defence against cybersecurity attacks is better education and understanding of the risks. Cybersecurity is a relatively new threat to business and many simply fail to understand the vast damage a well-orchestrated attack can wreak upon an organisation. From the loss of or the dissemination of private data to being held ransom for its release, or having the company's name dragged through the dirt, cyber-crime has the ability to affect and damage every aspect of a company's operations in this new, digitally-dependent age.
IMAGE: Cyber Security Breaches Survey 2016
Hackers and cyber-criminals are becoming ever more innovative, and being educated on ways to thwart them can only pay dividends. Everyone within a company represents a possible weakness in the defences, as poor IT practices can open the door to unscrupulous hackers. Educating everyone, from the newest intern to the CEO, ensures that no-one will be leaving any gaps open to exploitation.
Another facet of an effective cyber security defence, and one which goes hand-in-hand with the importance of educating all employees, lies in recognising the importance that staff members play in maintaining the security of data and information. Many organisations seem to underestimate the risks that staff pose: they think that if they have adequate technical processes, that will be enough to keep them safe, and forget that human error is often the most prevalent cause of cyber security breaches. Recognising this, and working with employees to ensure safe cyber-practices is paramount.
Co-operation and communication are also vital to protect the business world from cyber crime. While most businesses have implemented some level of control within their own walls, only 13% set minimum standards governing cyber security for their third-party suppliers. This creates a massive gap in security, because while one's own company may be protected, allowing access by an unprotected organisation amounts to locking the front door and leaving a window open for unscrupulous individuals.
A good cyber-defence will always involve investment - companies need to invest in decent IT infrastructure and the experts to service it - but it is, in fact, an investment: the money and reputation saved in the long run will far outweigh any initial costs.
Are you in need of cybersecurity professionals to help protect your business? I can help - I specialise in connecting experts in cybersecurity with those in need of their aid.
Give me a call on +44 (0)1737 821009 for a confidential chat about how I can help you.
If you'd like to join me and the rest of the CBSbutler team in helping businesses ensure they've got the very best experts on hand, get in touch with our Internal Recruiter Colin on 01737 824891 or by sending your CV to firstname.lastname@example.org