Cyber-crime is a growing threat to organisations that rely on networks and technologies that mean potentially multiple entry points to your databases. In other words, most organisations today.
Last year, the UK government found that the average cost to large organisations due to cyber security breaches was £19,600, and even for small-to-medium-sized ones, £1,570.
As well as undertaking cyber security courses to ensure you are employing best practice when it comes to protecting yourselves, there are a number of steps you can take right now to help. Over the next couple of posts, we’ll take a closer look.
• Take the threat seriously
A little like being burgled or having a car crash, cybercrime is sometimes not taken as seriously as it should be until it strikes – when it can be devastating. In short, any organisation that operates online in any way, stores or processes data on servers, whether physical or cloud-based, or has employees accessing networks via digital devices is in some way at risk.
• Encourage your staff to think security
No matter how robust your security environment, it will only be as good as those using it allow it to be. The UK Cyber Security Breaches Survey 2018, published by the government and Portsmouth University, states that 43% of UK businesses have experienced a cyber breach in the past 12 months – yet only 20% offered cyber security training to employees in that period. We will look at cyber security courses for staff in greater detail separately, but creating a culture where your employees take security seriously is an essential weapon in protecting your organisation.
• Secure your computing equipment
When researching cyber security, you might (rightly!) be thinking about complex antivirus software and so on, but a “back-to-basics” approach means first securing your devices. Loss or theft of computing equipment, with all the sensitive data that might be on them, can be mitigated with some simple steps.
First, secure your workplace computers to the desk or invest in physical security measures (doors and windows) – if there is a break-in at the office, anything that makes it harder for intruders to make off with your sensitive information is a no-brainer.
Second, assign different passwords for every user and every application – a complex mix of numbers and letters is best – and encourage users to memorise passwords or use a multi-password app to store them, rather than writing them down where they can easily be found.
And third, install ‘find my device’ tracking software on all portable units. This will give the police the best chance of recovering them if the worst happens.
In our next post, we’ll turn to protecting your data.