The hackers are closing in…
Am I at risk from a cyber attack ?
Yes. Nearly two thirds of medium/large UK businesses suffered a cyber attack last year.
Who is being attacked ?
At present, businesses with over 100 employees are much more likely to be attacked compared to their smaller counterparts. However – as larger enterprises respond by improving their online defences the criminals will increasing attack smaller, less well-defended targets. You might be on borrowed time.
So should I be concerned ?
One year from now the EU’s new mega law on data protection – the General Data Protection Regulation (‘GDPR’) – will come into force. This wide-ranging shakeup will affect almost every organisation that holds client data and includes a mandatory requirement to inform individuals of any data breach ‘likely to result in a risk for their rights and freedoms”. Companies involved in data processing will be required to appoint a suitably qualified Data Protection Officer. Fines for those in default of this new legislation are huge – up to 4% of worldwide annual turnover.
And it’s not only regulators who punish inadequate security protocols. Investors shy away from companies with lax security. FTSE100 companies who disclose a data breach see an average 2.7% fall in share price.
What should I do ?
A British Chambers Of Commerce survey discovered that only 24% of businesses hold cyber security accreditations, and in companies with less than 4 staff this falls to just 10%. This is surprisingly important, as some simple housekeeping can significantly lower your risk. The recent The Internet Organised Crime Threat Assessment 2016 from Europol stated: “It should be noted that the majority of reported attacks are neither sophisticated nor advanced. While it is true that in some areas cybercriminals demonstrate a high degree of sophistication in the tools, tactics and processes they employ, many forms of attack work because of a lack of digital hygiene, a lack of security by design and a lack of user awareness.”
The National Cyber Security Centre offers good basic advice – ’10 Steps to Cyber Security’ – which can be accessed here, and information on obtaining Cyber Essentials Accreditation which can be found here. And for a “belt and braces” approach you may like to consider Cyber Liability Insurance Cover (‘CLIC’) – a basic guide can be found here.