Almost every day we read stories about companies that have suffered serious consequences for not taking cyber security seriously enough. In April of this year, payday loan company Wonga was subjected to a significant online data breach that saw the personal information of around 270,000 customers compromised. Immediately after the attack, the brand’s ‘buzz score’ fell to its lowest in years, indicating a serious dent in its reputation.
Yet, it’s not just a company’s reputation that can be impacted by a breach. With the emergence of the new EU General Data Protection Regulation (GDPR), non-compliance will lead to crippling fines to contend with. From 25th May 2018, UK businesses that experience a data breach face a potential fine of €20m or 4% of annual turnover (whichever is greater).
Hackers remain one step ahead
Despite widespread awareness around cyber security, there’s a reason why cyber-attacks are still so effective: hackers continue to stay one step ahead. Attackers continue to increase their level of sophistication, and there are now dozens of different ways that they can attempt to get their hands on the data they desire.
As a result, the threat of cyber-attacks is immense. One of the most frequent attack vectors – ransomware – has increased in prevalence by 400% in the past six months alone, with small businesses accounting for 53 per cent of those targeted. While the scourge of malware is a fact of corporate life in the 21st century, there are still measures that businesses can take to ensure that they remain sufficiently protected at all times.
Adopt a proactive approach
However, before these measures are put in place, it is imperative that businesses adopt a proactive approach towards cyber security. All businesses — no matter what size or sector — need to transition from an ‘if’ to a ‘when’ mindset, which involves proper preparation and comprehensive planning for all potential scenarios.
Reassuringly, we are already seeing a notable change in this way of thinking. A 2017 Government report found that almost three-quarters of UK businesses consider cyber security to be a very high priority, and three in five (58 per cent) have already sought information, advice or guidance from IT experts regarding the specific threats they face.
Implementing a cyber security strategy
As the cyber threat continues to grow it’s more important than ever for businesses to detect the vulnerabilities in their IT infrastructure before they’re exposed by hackers. Constantly monitoring such vulnerabilities can be tough, but it’s fast becoming a necessity.
One of the most effective ways for businesses to implement this proactive approach into their day-to-day operations is through a cyber security strategy – a comprehensive set of best practices that covers every eventuality and is distributed to all employees across the company, raising awareness of the issue and setting out the correct steps that should be followed in the event of an attack. This will help mitigate the risk and better prepare a business to cope with the eventuality of an attack.
[su_box title=”About Gavin Russell” style=”noise” box_color=”#336588″][short_info id=’103252′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.