Member Article

How to guard against business risk

Garry Sheriff, Managing Director of tech experts ITPS, gives his advice on why cyber-security is really about business risk.

Making predictions about IT industry trends is not easy but there is one thing we can be absolutely certain about here at ITPS, and that is that the number of cyber security attacks will continue to rise throughout 2019.

A report from the World Economic Forum, which surveyed 12,000 business leaders in 140 countries, showed that cyber-attacks were the biggest concern among businesses across Europe, North America and Asia.

Threats are shifting and changing with increasing speed, and 2018 saw case after case hit the headlines, with organisations ranging from SMEs through to financial institutions, British Airways, T-Mobile and even NASA reporting breaches.

Recognise the risk

Don’t think it won’t happen to you, nothing and no one is immune. Cyber criminals don’t just attack large corporates, they target any organisation that is not properly protected, exploiting basic weaknesses in IT systems and software. SMEs are seen as particularly easy targets, providing access not just to their own organisation but to their larger partners and clients.

Plan for the worst

As with any other facet of business planning, you should hope for the best but plan for the worst. Without robust security measures and a business continuity strategy in place to cope if your data is stolen, your ecommerce site is taken down, or your systems compromised, you are putting your organisation at risk.

Don’t try to do everything yourself. Review the potential threats and risks, then assess your in-house skills and capabilities to determine whether you need to bring in outside help in the form of a trusted security partner.

Train your people

Once you have invested in the smartest prevention and detection systems on the market, reinforce that move with strict company-wide processes and thorough staff training to create a strong cyber-culture. Human beings are fallible and a successful attack need not be as sophisticated as you think. Many hackers have a low level of skill and succeed simply because someone was tricked into clicking on a link.

Get some insurance

For full wrap around protection, transfer some or all of the risk to one of the growing number of cyber and data insurance specialists. The Hiscox Cyber Readiness Report 2018 showed that a worrying 73% of the 4000 organisations surveyed had gaps in their ability to manage cyber security readiness. Insurance is no substitute for security measures, but it can form a safety net and offset the cost of an attack. Having foundation measures in place such as those included in the Government-backed Cyber Essentials and Cyber Essentials Plus certifications demonstrates to your insurers that you take cyber protection seriously.

Stay up to date

As IT security experts we receive a lot of appeals for help from organisations in the middle of a cyber attack. While no organisation can totally avoid risk, they can and should mitigate it. Many of the situations our new clients find themselves in could have been easily prevented.

Cybercrime has been transformed from an IT issue to a strategic risk issue that directors and senior managers cannot afford to ignore. Give us a call or come along to one of our regular security briefings to find out more about how we can help you protect your business.

This was posted in Bdaily's Members' News section by Julie Brammer .