Three ways to improve business resilience to data breaches
Any cyberattack would be detrimental to your business, but a data breach, when information that should be kept private is made public, could be devastating.
Securing data is crucial, and it’s never been more critical for businesses to take action. Our research shows that more than 100,000 UK businesses fell victim to data breaches in 2018, costing them over £1.6 billion in damaged assets, financial penalties, and lost productivity.
Leaders are learning. Through the same piece of research, we discovered that the number of businesses taking additional steps to mitigate a variety of cyber-risks had increased from 16% in 2015 to 37% in 2018.
We want to ensure this change continues, so here are three actionable steps to help protect your company from harm:
#1.Remember that not all clouds are created equal
More businesses than ever before are making use of cloud computing in some form or another. But don’t just rush in. It’s essential to consider the type of cloud that best suits your business.
Public options (like those from Google or Dropbox), tend to be a less expensive ‘single service package’ – unlike private clouds which require the setup and management of a server and all its resources.
However, that lower cost comes with a lower level of control. You don’t necessarily know where your data is kept or quite how it is protected. With a private cloud, perhaps deployed using a colocation service, you can control everything, decide where data goes and how it will be kept secure.
Whatever type of cloud you use, be sure to use a cloud access security broker: ‘gatekeeper’ software that sits between a business and its cloud provider to ensure traffic between the parties complies with security policies.
Ensure that anyone accessing data in the cloud is using a strong secure password as well as two factor authentication.
#2. Create a culture of responsible and informed employees
People are usually the weakest link in the cybersecurity chain, and staff members responsible for more than a third of cybersecurity breaches.
Businesses should vet potential employees thoroughly before they are employed and provide training around how to avoid the main cybersecurity risks to which they may be exposed.
It’s essential to foster an honest and transparent attitude. If employees feel afraid to come clean about mistakes that might have opened the door to cyberattacks, the problem has time to grow.
By ensuring that employees feel able to fess up to mistakes, you stand a better chance of being able to get ahead of an attack and mitigating the damage.
#3. Ensure responsibility doesn’t stop at the door
In an ever more connected age, the consideration of risk must extend beyond a company’s boundaries to incorporate customers, partners and other organisations they come into contact with.
Cybercriminals frequently exploit vulnerabilities in one organisation to launch sophisticated attacks against other targets. This makes your role in the supply chain even more critical.
These kinds of attacks could impact your business relationships, as well as your reputation with customers. We found that a third (31%) of businesses would terminate contracts with suppliers whose negligence caused them to become a victim of cybercrime.
The notion of herd immunity is a tarnished one currently, but it does ring true when it comes to cybercrime. If enough businesses are well secured, the ability for denial-of-service attacks, viruses, and other attacks to spread is diminished. This kind of strength in numbers is increasingly important as the threat of cybercrime grows and becomes more sophisticated.
We regularly publish guides and articles to help businesses protect themselves against cybercrime, sign up to receive our email newsletter below: