What would your clients say if their customer data was stolen from your company?
“We’ve had a data breach. Cybercriminals have hacked our systems and accessed sensitive client data.”
Your heart is thumping, you feel sick and your mind is racing. What will this mean for the business? How will you explain this to your clients? More to the point, how did this even happen?
Thankfully, the data breach that your colleague reports is theoretical; a vulnerability discovered during a simulated hack carried out by security experts. It’s what is known as ‘penetration testing’ or ‘pen-testing’: a planned hack to see how far an intruder could trespass onto the digital premises of your business – and what they could make off with.
What if you received such devastating news for real? The fallout could threaten the integrity of the business, perhaps even it’s future. But you don’t have the time to think about cyber-security when you’ve got home workers to manage and a business to run.
Do you?
Cyber-attacks are increasing; businesses are not immune
We get it. The last year has been a rollercoaster. Running a business has never felt more challenging, with even the simplest tasks requiring major changes. Add to that a dispersed workforce, economic turbulence and ever-changing guidelines and businesses have had a heavy burden to bear.
Unfortunately, cybercriminals are not as sympathetic. While businesses have been trying to find a way to keep going, cybercrime has been on the rise. According to the Chartered Institute of Internal Auditors (CIIA), 51% of businesses surveyed have suffered a cyber-attack in the 12 months to February 2021. That’s up from 46% in March 2020, according to the Government’s Cyber-security Breach Survey.
The ‘clean-up costs’ can run into the tens of thousands of pounds. Hiscox says that the clean-up alone costs ‘the average small business £25,700.’
Hopefully, your business will never be the victim of a cyber-attack. What is clear, is that the potential consequences of a successful attack, not to mention the costs, is catastrophic.
No time to focus on cyber-security? See you in court…
If you’re running a company with tens of employees, rather than hundreds or thousands, it’s unlikely that you’ll have a dedicated security staff member. The responsibility often rests with the owner, Managing Director or CEO, people who are probably not cyber-security specialists.
It’s these people that are also the people tasked with running the business. No mean feat, when you’re trying to motivate staff at home, adapt to fast-changing circumstances and ensure profitability.
So what happens if an employee at home inadvertently lets a criminal in the back door? What if their child, partner, or housemate quickly ‘borrows’ the laptop and accidentally downloads ransomware?
The implications of a successful cyber-attack are grave:
- Loss of data – sensitive information, business-critical assets and intellectual property could be stolen without adequate protection
- Inability to trade – a hack could take a company’s website, even its entire systems offline. It’s easy to see how this could be disastrous for an ecommerce business, though for any organisation, interruption to business as usual is damaging
- Legal implications – businesses could find themselves facing fines, inquiries and trials if pursued by official bodies or unhappy clients
- Breach of privacy (client data or employees) – compromised personal data could have legal, ethical and personal ramifications for the business and the people it employs and serves
- Loss of credibility or trust within the marketplace – if customers don’t believe you are able to keep their details safe, they’ll be reluctant to do business with you
- Financial ramifications – damaged reputation leading to loss of business, clean-up costs, legal fees, and fines add up
How to prevent the devastating blow of a cyber-attack
Pen-testing lets the good guys test the strengths and weaknesses of your cyber-security, before anyone with malevolent intentions can do so.
Effective pen-testing needs to be:
- Carried out by a reputable partner – do your research, and engage a security partner with a proven track record and an excellent reputation
- Regular – threats change, systems age and cybercriminals’ tactics evolve and become more sophisticated
- Acted upon – the results of the pen-test are only useful if measures are put in place to bolster weaknesses
If you’re one hundred per cent cyber-secure, you can sleep easy…
…and if you have the slightest doubt about how secure your business is, perhaps it’s worth a conversation with an expert? soVision IT has prevented thousands of cyber-attacks against hundreds of organisations. Taking security precautions might be the last thing on your mind when you’re busy running a business. It’s easy to forget about cyber-security until you need it, but by then it may be too late. Don’t get caught out. Call us on 0117 986 4026 for a no-obligation chat.
References:
https://www.cityam.com/exclusive-half-of-businesses-suffered-a-cyber-attack-in-last-12-months/
https://www.hiscoxgroup.com/news/press-releases/2018/18-10-18
