Assess and audit the almighty defence

Assess and audit the almighty defence

The horrendous experience that TalkTalk has undergone should be a lesson to all of us, says Mike Mullaney in support of BQ’s campaign for greater awareness against cyber crime.

Advances in communications, technology and digital infrastructure are revolutionising how we live. And businesses continue to be transformed by the digital revolution. From using targeted online advertising to reach new markets, and mining big data to build a detailed picture of a customer base, to processing payments online and storing data in the cloud – firms are taking advantage of technological progress, and are gaining benefit to realise their growth ambitions.

However, there is that other vital consideration: digital revolution also means businesses are vulnerable to attack on a totally new front. The constant development of new technologies means criminals have more opportunities than ever to exploit these for their own ends.

The Government’s Cyber Security Breaches Survey recently released illustrates the extent of the potential for harm that arises from a cyber attack. It reveals that, worryingly, two thirds of businesses in Britain have been targeted by cyber attacks in the last year, while a quarter have experienced a security breach at least once a month.

Perhaps most alarmingly is that, despite this very real threat, half of all businesses have failed to carry out risk assessments or audit their cyber vulnerabilities, the same research shows. Just 30% of firms have developed formal cyber security policies, too. This suggests lack of awareness that could end up costing businesses millions.

The high profile data breach that TalkTalk suffered last October demonstrates the potential impact of a cyber attack. It affected almost 157,000 customers and cost the firm £42m. Impact was still being felt some six months on. The latest financial report has revealed that profits have more than halved to £14m from £32m a year earlier.

While the task of protecting your business from vulnerability to cyber attacks can seem daunting, doing nothing can bring an outcome even more concerning - grave implications for the bottom line, plus reputation and customer confidence. And, just as the risk of cyber attacks has risen, so has the cost of insuring your business against breaches, particularly if you hold confidential data and so are classed as high risk.

By taking just a few simple steps, however, you can start to bolster your firm’s stance against cyber attacks:

  1. Create a formal policy about internet usage and ensure all staff are familiar with it. By circulating information about the latest scams doing the rounds, you can educate employees to be wary of unfamiliar links and emails.
  2. Keep your IT equipment updated. This includes using the latest versions of operating systems and software, as well as the latest antivirus programmes and firewalls.
  3. Consider a reputable cloud services provider. Outsourcing your data handling needs to a reputable third party can be a cost effective way for even small businesses to ensure they have the best defence against attacks.
  4. Create strong passwords – and change them often.
    1. At Lloyds Bank, we have introduced a programme of activities to build awareness and knowledge about fraud through quarterly webinars, fraud brochures, and by offering practical advice around fraud risks and prevention. By us helping our existing and new clients in the North East to protect themselves against the threat of cyber fraud, they can focus instead on continuing to play their vital role in the regional economy.

      Digital revolution can be to our good, provided we carry out our risk assessments and audit our cyber vulnerabilities regularly.

      Mike Mullaney is Lloyds Bank area director, mid markets for the North East