We continue to see both large and small businesses succumbing to data breaches and cyber threat issues; most notably in recent weeks, Equifax and Deloitte. Equifax have potentially exposed the data of hundreds of millions of their customers, whilst a number of Deloitte’s high-profile clients have had their accounts accessed by hackers. Whatever the scale or impact of any cyber-attack, there’s no doubt the consequences are always severe, diminishing consumer trust and company reputation, perhaps irreparably. As a cyber security professional, it’s easy for me to get frustrated and blame businesses for not getting their house in order. After all, it’s often the basics not being in place that allow a breach to occur.
For example, the Deloitte breach supposedly occurred because an administrator’s account required only a single password and did not have a two-step verification process. Something so basic has put vast amounts of confidential data at risk. However, we have to cut businesses a bit of slack. When people are focussed on their day jobs, it can be easy to miss things. We all make silly mistakes, but there are a number of simple steps we can take to help prevent an error turning into a disaster.
Know what you need to protect
Many SMEs we speak to don’t even think they need to invest in cyber security – what have they got that a cybercriminal would want? You might not have the millions in ransom money or the bank details of hundreds of millions of individuals, but you do have data. If your business can leverage this data to make a profit, then so can malicious hackers.
Figures suggest that 60% of SMEs which are hit with a cyber-attack go out of business within 6 months. That’s a terrifying thought for any business owner. You need to be aware of what data your business stores, where it is, how it is protected, and if you even need it. Are you storing personal details that aren’t even relevant anymore? Get rid of them securely before someone else gets their hands on them.