It seems we are always hearing about and writing about cyber-crime but with good reason. The cost to business of cyber-crime is now estimated at £4.1 million each year, an increase of 14% year on year according to a recent study conducted by The Ponemon Institute.
The research also found that smaller organisations incur significantly higher per capita cost than larger organisations (£1014 versus £232) and more obviously that the longer it takes to resolve a cyber-attack the more it will cost any organisation.
Businesses must accept that it is inevitable that they will be hit by a cyber-attack so not only plan to reduce the risk but prepare for an attack.
Whilst we constantly bang this drum, somehow the message doesn’t seem to be taken seriously, I wonder if it is the old “it won’t happen to me” school of cyber security planning.
How can you reduce the risk of being hit by cyber-crime?
The first and probably most obvious action is to purchase business grade anti-virus software, install it on all work stations and servers but then remind your team not to become too reliant on it.
Many users believe that this complex and sophisticated software will detect and remove all threats, however, the virus makers tend to be one step ahead of the anti-virus developers and users are still opening files and browsing to websites they shouldn’t be.
This leads nicely on to training; educating your team and applying basic company guidelines to help prevent cyber-attacks. Provide ongoing training to make sure your people know about the latest security threats.
Countless surveys over the last couple of years had labored over the point that the vast majority of cyber-attacks could have been prevented by vigilance and anti-virus software, this is borne out by our own experiences. Most of the cyber-attacks we have seen and resolved have been caused by a team member opening an attachment or a website which, with a little awareness and training may well not have happened.
Preparing for the inevitable!
It is almost inevitable that at some point your business will be hit by a cyber-attack, with this in mind it is vital for your business to have a plan to follow in this event.
Often overlooked are data back-ups in the fight against cyber-crime. Ransom-ware is a significant risk for all businesses and once removed from your network any files the virus has encrypted require restoring from backups. It is absolutely imperative that your data backup is working correctly and checked daily.
If you have IT support they should have a plan for dealing with cyber-attacks, contact them immediately you notice any issues and they will deploy the plan.
Make sure everyone in the business is aware of the potential attack, your IT support provider or department may ask for machines to be switched off while they assess the damage.
The type of business you run depends on how you respond to an attack of this sort, email us for specific advise on disaster planning.
If you have any doubts about your organisations ability to prevent cyber-attacks or to deal with them if and when they happen please contact us for advice and assistance on 01733 667755 or email.