2020 has quickly claimed the award for ‘the year that put remote working on the map’, for obvious reasons. In business terms this equates to a significant increase in devices carrying sensitive company data and thus an even greater risk of a cyber criminal hacking in. Remote working aside, more and more companies have been gradually transferring their data over to the cloud for some time now, so the question of who carries the responsibility for the data has become cloudier still. Ultimately it is everyone. Every single member of an organisation must be held accountable for the data belonging to the company. For this reason, education around cyber security is paramount.
Businesses must ensure their employees are re-educated on bad habits such as choosing weak passwords, reusing the same password across multiple websites, using insecure Wi-Fi, and the inexperience that leads to successful phishing attacks. Cyber-crime is not a one-size-fits-all practice, and thus the cyber security measures a business adopts to counter it cannot be either.
Bot attacks are one of the more recent means of cyber-crime and they are on the rise. Though more discreet than the headlining ransomware attacks, they are just as harmful. A strong cyber security team and CISO are therefore crucial to guide a business in anticipating and dealing with new threats and in understanding the ease with which hackers can access unsecured data.
The importance of cyber security within an organisation has to do not only with the strength of a business to defend against threats and breaches, but also with mitigating financial as well as reputational losses. Businesses must focus on their cyber security strategy as a means of building trust with their clients, customers and key stakeholders, and as something that will set them apart in the current market.
Companies must also take into consideration the impact of regulatory fines should their cyber measures fail them, with the GDPR forcing businesses to prioritise compliance. The tougher legislation certainly poses a greater challenge but health-checking compliance can create important organisational benefits across the board. Furthermore, that compliance must extend to all business applications as data has an infinite reach that crosses borders and geographical limitations, and if not properly protected can leave information about a business and its consumers dangerously exposed. So those applications must be kept in line with regulatory expectations.
Technology is forever advancing, and with the likes of AI, automation and the Internet of Things all contributing to a more connected and fast-paced culture of living, the strongest defence for an organisation against cyber attacks is knowledge and education. Facilitating training for IT and security personnel as well as management and giving them the tools to educate the rest of the business about the importance of cyber security is what will keep the organisation safe.