We talk a lot about cyber security and the various steps businesses can take to shore up their defences. But if you’re a new business, or new to the cyber world, you might not know exactly what cyber security is, or why it’s so important. In simple terms, cyber security is what we call the variety of technologies, processes and controls that are designed to protect businesses from digital attack. Cyber security covers everything from data to systems and networks, and focusses on keeping it safe. If it’s done well, effective cyber security can reduce the risk of cyber attacks and protect businesses and organisations from data theft, exploitation or extortion. Want to know more? Read on.
The Cyber Threats Organisations Face
Although bigger businesses tend to be more realistic about the kinds of cyber threats they may face on a daily basis, a lot of smaller and medium sized businesses still don’t know exactly what threats they might face. In fact, as many as 45% of small and medium sized businesses think they aren’t a target of cyber attacks at all. In reality however, it’s this size of business that are the perfect targets for hackers, and it’s these businesses who need to make sure they are protected. If your business is connected to the internet in any way (and we’ve not met one that isn’t yet), then you are at risk of attack. These attacks can come through malware designed to disrupt your business, ransomware, data theft or even just straight up stealing money from you, with every business presenting a viable target.
It doesn’t even matter if you don’t think your business has anything valuable to attackers. A lot of cyber attacks are automated and indiscriminate, so it is more about exploiting vulnerabilities than it is about your specific organisation. If hackers find what they want in your business – whether that’s information, money or customer records, they will try to take it, regardless of your size or industry.
What are the Consequences of a Cyber Attack?
If targeted, you could become a victim of identity theft, monetary theft, fraud, blackmail or data leaks. These attacks could easily turn your business from a thriving enterprise into a ruined shell in a matter of hours. That’s not us being dramatic, by the way, cyber attacks have the potential to disrupt your business and have caused considerable financial, reputational and operational damage to even the most established and resilient businesses. Just look at the damage done to companies like Equifax, Yahoo, Trump Hotels, Sony’s PlayStation Network and Telefonica (who were forced to shut down after their attack). Last year, the government’s cyber security breaches survey from 2017 found that the average cost of a cyber security breach for a large business is around £19,600, with the average cost to a small business adding up to £1,570. For many SME’s and developing companies, these costs are devastating, and often impossible to come back from.
Creating a Solid Cyber Security Foundation
So how can you avoid becoming the victim of cyber crime? To begin with, you need a solid foundation of cyber security to build on. If you think of your cyber security as a net, you want the mesh to be as fine and tightly woven as possible, to keep out threats of all sizes. If your net has holes in it, then criminals can swim through easily.
The first place we would look for holes is in your technology infrastructure. Technology solution providers often tell their clients that their applications are 100% compatible and will integrate seamlessly with the current IT infrastructure, and for the most part, this is true. The problems happen when you start adding IT security solutions from different manufacturers, regardless of the granularity of their configuration settings, and gaps start to appear in the integration – and in your security net. These gaps will always appear for one simple reason: developers will always keep certain portions of their code proprietary. It’s what gives them a competitive advantage. So, the true compatibility of your infrastructure might only be 90% across the board. Combine that with users who don’t update their systems when they should (hands up if you’ve ever ignored a security update on your devices?), or flawed IT and security practices, and you’ve got a whole host of gaps left for attackers to exploit.
A solid cyber security foundation will help businesses identify these gaps. When you know what they are, you can work out the appropriate actions and mitigate the risk of an attack. That gives you a secure, hole-free net to start with. Plugging these gaps however could involve a lot of different things. You may need to create protective firewalls, improve network security protocols, install a new security architecture, design risk assessments or adopt a more proactive incident response plan. None of which is all that easy to do on your own.
At Bridewell, we use all these approaches and more to help businesses establish a solid base for their cyber security and keep making it stronger as time goes on. Our team of experts can work closely with your business to identify potential weak points and shore up your defences, so that your business is ready to face and repel cyber attacks. For more information, just get in touch with our team and arrange your free consultation today.