The cyber risk: protecting your business from attack
Cyber Security Companies of all sizes are vulnerable to cyber threats, but by making security a priority businesses can reduce the risk to themselves and their customers.
As the world becomes increasingly connected, the risk of cyber-crime increases for businesses. Companies across the UK are becoming more digitally enabled. From websites promoting services to ecommerce, most businesses now have an online presence.
At the same time, the tools to launch a cyber-attack are easily available on the dark web. Cyber-crime is a low risk, high reward endeavour for bad actors. The combination of these factors means it is a case of when, not if, a company will be attacked.
Recent research by Symantec shows that the UK is the most cyber-attacked country in Europe and the second most assailed in the world, with attacks up 40 per cent. While awareness of the risk is on the rise amongst business owners, most do not know what to do to protect their business and customers – seven out of 10 companies in the UK do not feel prepared for cyber-attacks, according to Equinix.
However, there are things companies can do to protect themselves. Our research shows that the most common attacks are on well-known vulnerabilities that can prevented through basic security measures.
SMEs are often targeted because they are less likely to have these security measures in place, or even be aware they are at risk. Any company that stores data online is vulnerable to attack, and must take security precautions.
The first step is to make sure that cyber security is on the board’s agenda. Traditionally, responsibility for security lay solely with IT. As tech becomes more central to business operations and success, so online security is rightly being taken more seriously and many companies are waking up to the fact that this is no longer just an IT problem.
Many breaches stem from the fact that staff are not aware of best practice which means that training and awareness are crucial. Checks that should be standard across every company include good password protocols, regular updating of software and regular back-ups. These measures are essential whether you’re a one man band or a multinational enterprise.
Part of these preparations must include what you will do in the event of an attack. It is essential to plan ahead, and have the right staff and skills in place. The plan will be different for each company, based on their operations and the nature of the attack. But key things to consider include:, stopping using compromised systems, notifying customers or suppliers that have been impacted and collecting digital evidence of the attack.
Although prosecutions for cyber-attacks are rare, by better understanding the threat, companies can better protect themselves in the future. The adversary is fast and nimble, sharing learnings online to further damage companies. By similarly sharing experiences, businesses can help each other keep pace with the threat.
The cyber security industry continues to work overtime to find, if not a solution, then at least the heavy weaponry required to fight back. One new trend is the increased use of data security analytics. Companies are analysing information that comes in on a daily basis to foresee where the threat will come from next. And there will be further threats. As increasing numbers of devices are interconnected and more data is being created and stored, the prize for attackers becomes more appealing.