No business is immune from hackers when the sums of money to be made are so high and that’s why it’s worrying to see that there’s still a lack of recognition, prioritisation and planning.
Cybersecurity does not often feature on the agenda in the boardroom. It is often seen as an ‘IT/Techy’ issue rather than a business issue and coupled with the mantra ‘it won’t happen to me’, leads to huge vulnerability.
The demand for cybersecurity experts quadrupled in 2015 and is now at a record high in light of some of the headline grabbing data breaches we have seen lately.
Success
Despite big businesses dominating the headlines in terms of data breaches and cyber attacks, smaller firms and SMEs must also take action.
The reality is that every business is at risk if it has an online presence and/or holds data and information about its customers or staff. A cyber attack could put an SME out of business, such are the tight margins many of them operate within.
This is not just a question of beefing up your IT system with security protocols and firewalls but having an understanding and educating staff about the risks.
Success
The ‘ransomware’ Ashley Madison attack stole user data from the commercial website, which enables extramarital affairs, and then threatened to release users' personal identities if the site was not immediately shut down.
The group went on to leak more than 25 gigabytes of company data, including users' real names, addresses, search history and credit card transaction records.
These attacks show how valuable data can be. Customers expect a certain level of protection and when a hack becomes public knowledge the damage to reputation could be insurmountable.
Success
It’s not just websites that are the target of cyber criminals. As we find ourselves living in an age of convenience, everything from central heating to children’s toys has become Wi-Fi enabled, so they can be controlled by apps via mobile devices.
Researchers have ‘hacked’ Mattel’s latest Wi-Fi enabled Barbie doll to turn it into a surveillance device for spying on children without the owner’s knowledge.
Hackers have even been able to remotely gain access and take control of a Jeep while it was driving at 70mph on a highway in the US.
Success
Social engineering is the psychological manipulation of people to enable them to perform actions or divulge confidential information for your benefit.
Criminals will target individuals to get sensitive information which could then help them gain access to a company. From there they could go on to steal, manipulate data, or hold it to ransom.
The ways in which criminals can exploit technology grows daily but the weak spot they will never tire of using is us. Employees at all levels need to be fully aware of how to spot these fraudulent calls and manipulative emails.
Success
It’s extremely worrying that such a large number of companies do not know where their data is stored, how safe it is and ultimately how critical it is to the security of their business.
Data must be stored safely and encrypted to the point it loses its value to a criminal. Insurance policies must be in place, and work forces need to be educated on how they can help minimise risk.
Businesses shouldn’t be waiting until after the hack has happened. They need to plan ahead and vigilantly protect themselves as well as having contingency plans.