One of the most disturbing figures from recently published Research by Insurance giants Lloyds of London is that 9 out of 10 businesses have been hacked once in the last 5 years. Another surprising figure is that despite the problems caused by the first hack, less than half of CEOs are concerned that they may be hacked again in the near future.
Attitude and Security Problems.
As an IT Support Company in Hertfordshire we are very aware that all businesses now face a multitude of cyber and data security threats. Being prepared and protecting your company as much as possible from these threats should now be a priority.
One of the reasons for the apparent lack of concern shown by such a large proportion of CEOs, despite almost weekly news reports of high profile hacks, can be seen in another alarming statistic. The Lloyds research showed that only 13% of businesses believe they would lose customers if they experienced a data breach.
The thought ‘try telling that to TalkTalk’ who lost an estimated 101,000 customers (3% of their subscriber base) after a hack last October comes to mind.
By having a less blasé and more realistic attitude, CEOs may be more inclined to take precautions that could prevent serious attacks. Some of the feedback in the research also pointed to an unhealthy reliance on reactive security systems.
How You Manage A Breach Is Vitally Important.
As an IT Support Company in Hertfordshire know how sophisticated and well organised many of today’s cyber crime operations are. Hackers now use advanced methods and are persistent so that they tend to get in to their target networks eventually. Even though our businesses take a number of sensible and well planned security measures, they face a challenge to completely protect themselves in the face of an evolving threat.
Many tech security commentators take the opposite view to many CEOs by seeing security breaches as almost inevitable. It is, therefore, more a case now of accepting that a breach is likely and focusing on what measures your business has in place to protect your business and customers when a breach happens.
Many tech security commentators now believe that this acceptance of the very realistic possibility of a hack / breach should be the healthy norm. This is one of the reasons why so many companies now have Disaster Recovery Plans in place.
Taking Too Long To Identify When Breach Has Happened.
Another issue highlighted by the Lloyds research is the fact that businesses take too long to identify when a breach has actually taken place. This gives the hacker plenty of time to search the whole network for vulnerabilities.
GDPR A Motivator For A Change of Attitude.
Many security specialists believe that the introduction of the EU’s GDPR in 2018 will motivate CEOs to adopt a different, much more security conscious attitude. If businesses are not prepared and vigilant enough to detect and report a crime within 72 hours they could face a colossal (up to $20m) fine under GDPR.
What Does This Mean For Your Business?
It is important that CEOs realise that we now live in a time where cyber-crime is a very real and ever-present threat, and any complacency could leave a business wide open. Cyber criminals use advanced and sophisticated methods so businesses now need to use many different tools to stay one step ahead including security intelligence and analytics, while investing in threat detection and response capabilities.
Adequate steps should also be taken by all businesses to make sure that they are able to comply with GDPR when it is introduced in 2018.