INSIGHT

How Secure is Your Data?

Cyber Security Advice for Businesses

From preventing sophisticated automated attacks to safely enabling their digital transformation process, robust cyber security should be an integral part of any business’ digital strategy. Here we examine the fundamental principles behind network security and what your business needs to do in order to protect vital data.   

How secure is your business’s data? It’s a question that’s often relegated to the footnotes of meeting agendas, as the answer can often be the stuff of nightmares for senior management teams. With attacks becoming more sophisticated, frequent and increasingly catastrophic, understanding the nature of potential threats and the measures a business can take to mitigate these has never been more important. 

Each day, cyber attacks are becoming a reality for an increasing number of businesses. The government’s Cyber Security Breaches Survey for 2019 found that around 32% of all businesses will have suffered at least one cyber attack of some kind in the last 12 months, and that among those that detected breaches, the average cost over this time period was around £4,180[1]. Interestingly, whilst the number of businesses identifying attacks has gone down in 2019, the number of attacks each business has faced has gone up, throwing into sharp relief the need for businesses to have in place consistent and well maintained cyber security strategy.

Whilst financial loss is often the most visible effect of cyber-crime, it’s not the only aspect of a business that’s negatively affected. In the most serious cases, data breaches that expose customer or client data to fraudulent or criminal use can seriously erode the reputation of a business, causing long term or even permanent damage to potential growth and future success.

It should come as no surprise therefore that an ever increasing number of businesses are implementing new cyber security policies, training and health checks. As of 2019, 78% of businesses identify cyber security as a top priority for their senior management team and 57%[2] of them now update senior managers and directors on the latest issues and developments at least once a quarter.

Whilst businesses themselves are getting significantly better at taking action to identify security risks (62% over the past 12 months), only 11%[3] of this activity has come in the form of investing in threat intelligence and , only 42%[4] of businesses have staff dedicated to information or data security. Again, this demonstrates that whilst awareness is a key first step in any business’ fight to keep sensitive data secure, the real challenge is finding both the staff and the resources to successfully achieve this goal.

Managing a secure network

A network capable of repelling attackers and keeping data secure should be the foundation of any business’s cyber security strategy. Simply ensuring key software is kept up to date, firewalls are correctly managed and resilient anti-virus protection is installed can go a long way to ensuring data safety.

For larger businesses however, managing and monitoring your network for potential threats and breaches can come with complex infrastructure, staff training and legal requirements, all of which can dramatically increase the required levels of security and IT investment.

To keep their network and vital data secure, many businesses turn to suppliers that can deliver a complete managed security service, like us to relieve internal teams of the pressure to remain compliant and manage multiple levels of security infrastructure, all whilst juggling a shrinking budget. What’s more, once key internal resources are freed from managing and maintaining network security, giving IT teams the opportunity to invest in activities that drive growth and improve efficiency for the business as a whole.

It’s a people problem

Concerningly, the biggest challenge to data security often lies with the people accessing sensitive information on a daily basis. As technology like cloud collaboration and remote working become widely available, allowing employees to work from home or on the go, opportunities for attackers to use human error as a means to gain access to secure data have increased exponentially.

Malicious attacks for the most part are only successful when an employee does something they shouldn’t have done – whether that’s operating on an unsecure network, disclosing a password, or clicking the wrong link in a suspicious email. It’s no surprise therefore that educating employees on the importance of cyber security has been identified as one of the best defences a business can utilize when it comes to tackling threats.

Whilst overall awareness of cyber security is improving year on year, only 27% of staff across business in the UK have attended cyber security training in the last 12 months[5], suggesting that across the average working day, many businesses are more vulnerable to threats than top level statistics might first indicate. This is further borne out by evidence that shows that 80% of the security breaches suffered by businesses in the past 12 months came in the form of fraudulent emails or being directed to fraudulent websites[6].

These figures are a clear indication of why a business’ approach to cyber security should be organisation-wide, prioritising education and best practice as much as an investment in the latest security infrastructure and software.

Simply ensuring employees are aware of the latest cyber threats and the most common methods cyber criminals use to invade your business can make all the difference to overall data security. Once they know the red flags to look out for, your defence will be much stronger.

Above all, prioritising cyber awareness, education and smart security investments are the most reliable methods by which any business can continue to ensure the security of their data. 

 
 

Like this article? You may also be interested in these too!