Why wait for the worst to happen? – Act now.
Recently I’ve been wondering, why does it take a serious threat to network security, customer data and financial information to kick us in to touch with our Information Security responsibilities?
Surely, the old adage “Prevention is cheaper than the cure.” still applies?
We all remember the Heartbleed bug that compromised two-thirds of all websites don’t we? Well that was a short, sharp shock in terms of reminding us that all businesses are vulnerable to cyber attack. The Federation of Small Businesses reports that cybercrime costs the UK an estimated £27 billion each year! These attacks not only damage business growth and in turn the UK economy, they undermine relationships with clients, shareholders and other businesses.
Despite the importance of securing both confidential customer and company data, many businesses continually fail to prevent breaches.
The security of your business can be broken down into three areas: physical, technical and personnel. The key to staying secure is ensuring you have an in depth understanding of how all three areas can be targeted. Beware of suspicious activity around you, OK you’ve spent a fortune on IT protection, but it only takes one member of staff to have physical access to your server room, or PC containing sensitive data and your IT protection amounts to nothing.
So, the prevention…
If you’re doing nothing at the moment, you can improve security by 95% just by taking some simple steps. Install reputable antivirus software, ensure PC screens lock after a short period of inactivity, store sensitive data in an ISO 27001 secure environment. You must educate your staff on the dangers of behaving inappropriately online, do they know about phishing attacks, virus protection, secure email and identity theft?
Remember: employees are the number 1 cause of security breaches, with attacks becoming more sophisticated by the day, frequent education is vital!