Is the cyber threat to your business real?
Thankfully many of us are becoming more switched on when it comes to our personal cyber safety with improved password protocols, automated security updates on our computers and a general improved awareness of possible threats. But, when we are at work it seems we let our guard down or perhaps the increase in business attacks is just on the increase, either way businesses seem to be targeted more and more often.
And here is the kicker, it is employees who are the weak link. Ransomware attacks target individuals in companies usually via email. Most companies have robust security in place but it is the reliance on this which is putting them at risk. Employees too often think any malicious attack will be caught before it reaches them but in reality this is not necessarily the case. All it needs is one email where an employee clicks on a file or a link and the office network can be infected.
So you are being held to ransom
Once you have been infected what happens. In most cases your files will be encrypted and locked so you can’t access the files and client data you use to run your business.
Unfortunately even if you pay the ransom it does not mean you files will be unlocked. The cyber criminals have your money so why would they bother unlocking your data.
But it can be even worse still. As of February 22 this year new data breach laws came into being. If you collect sensitive, private data such as credit card details, driver’s licence, passport details etc. there are new data breach laws you must now comply with. This is the government’s way of making us all more accountable.
What you can do to protect your business
No one approach is going to protect your business so a multi-pronged policy is best which could include the following:
- Ensure you have the best possible in-house security systems in place.
- Talk to you IT supplier about extra measures you can take.
- Check with your systems suppliers to make sure you are running the latest versions of their systems.
- Have a regular back up of your company data. If you don’t do this in-house, talk to your IT supplier about it.
- But perhaps most importantly of all educate your staff. Cyber security and your company protocols around it should be a regular topic in staff training and certainly part of staff induction courses.
Take cyber security seriously
We all get busy running our businesses and sometimes important but non-core aspects can be done poorly or even overlooked. Cyber security is one of those activities you can no longer treat on an ad hoc basis and it is even recommended if you don’t use an IT company to look after your hardware and systems then perhaps you should but make sure they are across not only what you do but also know how to protect you and how to help you protect yourself.