“We’ve had a data breach. Cybercriminals have hacked our systems and accessed sensitive client data.”
Your heart is thumping, you feel sick and your mind is racing. What will this mean for the business? How will you explain this to your clients? More to the point, how did this even happen?
Thankfully, the data breach that your colleague reports is theoretical; a vulnerability discovered during a simulated hack carried out by security experts. It’s what is known as ‘penetration testing’ or ‘pen-testing’: a planned hack to see how far an intruder could trespass onto the digital premises of your business – and what they could make off with.
What if you received such devastating news for real? The fallout could threaten the integrity of the business, perhaps even it’s future. But you don’t have the time to think about cyber-security when you’ve got home workers to manage and a business to run.
We get it. The last year has been a rollercoaster. Running a business has never felt more challenging, with even the simplest tasks requiring major changes. Add to that a dispersed workforce, economic turbulence and ever-changing guidelines and businesses have had a heavy burden to bear.
Unfortunately, cybercriminals are not as sympathetic. While businesses have been trying to find a way to keep going, cybercrime has been on the rise. According to the Chartered Institute of Internal Auditors (CIIA), 51% of businesses surveyed have suffered a cyber-attack in the 12 months to February 2021. That’s up from 46% in March 2020, according to the Government’s Cyber-security Breach Survey.
The ‘clean-up costs’ can run into the tens of thousands of pounds. Hiscox says that the clean-up alone costs ‘the average small business £25,700.’
Hopefully, your business will never be the victim of a cyber-attack. What is clear, is that the potential consequences of a successful attack, not to mention the costs, is catastrophic.
If you’re running a company with tens of employees, rather than hundreds or thousands, it’s unlikely that you’ll have a dedicated security staff member. The responsibility often rests with the owner, Managing Director or CEO, people who are probably not cyber-security specialists.
It’s these people that are also the people tasked with running the business. No mean feat, when you’re trying to motivate staff at home, adapt to fast-changing circumstances and ensure profitability.
So what happens if an employee at home inadvertently lets a criminal in the back door? What if their child, partner, or housemate quickly ‘borrows’ the laptop and accidentally downloads ransomware?
The implications of a successful cyber-attack are grave:
Pen-testing lets the good guys test the strengths and weaknesses of your cyber-security, before anyone with malevolent intentions can do so.
Effective pen-testing needs to be:
…and if you have the slightest doubt about how secure your business is, perhaps it’s worth a conversation with an expert? soVision IT has prevented thousands of cyber-attacks against hundreds of organisations. Taking security precautions might be the last thing on your mind when you’re busy running a business. It’s easy to forget about cyber-security until you need it, but by then it may be too late. Don’t get caught out. Call us on 0117 986 4026 for a no-obligation chat.