With data being one of the most valuable currencies in business, organisations of all sizes are targets for criminals.
According to the UK Government’s Cyber Security Breaches Survey 2018, 43% of businesses in general, and 72% of large businesses ‒ defined as those with more than 250 employees ‒ had suffered cyber security breaches during the previous 12 months. Even charities aren’t exempt, with 19% of the non-profits surveyed indicating they’d been hacked.
The end of corporate networks
One of the reasons cyber crime has risen is because it’s becoming easier. Gone are the days when an organisation’s IT was contained in one building, on one network, with a robust firewall around it. Now, infrastructure has moved to the cloud, employees bring devices into and out of controlled environments, and we connect devices to the Internet of Things. The borders between the open internet and corporate networks have come crashing down.
This openness has benefits for businesses, but it comes with risks. And mitigating those risks requires a diligent strategy of data classification, network separation, and good security hygiene practices.
72% of large businesses have suffered cyber security breaches during the previous 12 months
Knowing is half the battle
But perhaps the most potent weapon in the fight against cyber crime is education. There’s a reason that 45% of UK business have fallen victim to phishing attacks since 2017. It takes just one user to open a malicious attachment.
Naive users are a major weak point. Strengthening their understanding of threats and making sure they understand what to look out for, how to react, and how to report suspicious activity is a powerful and cost-effective line of defence.
How to prepare for cyber attacks
Notice we didn’t say prevent? The first step is to assume a breach is inevitable and plan accordingly. Having a proper post-breach strategy can be more effective than spending all your resources on defence and not knowing how to react if those defences are penetrated.
Make sure everyone in the organisation understands the importance of cyber security. That goes for senior business leaders who allocate budgets and set examples, as well as users on the front line.
Finally, prioritise your security policies according to business risk. This means understanding what value your data has, tiering it accordingly, and spending wisely.
Read our report, 'From the classroom to the board: Education is the key to outsmarting the cyber criminals', to understand what five actions you can take to up skill your organisation and defend it against cyber threats.