How to protect your business from Cyber Crime & Data Loss
November, 2014
In today’s business environment the use of computers, technology, social media and the internet has become more prevalent. I cannot think of business that doesn’t use the application of technology or the internet in some aspect of their business however, this brings with it emerging risks that could result in loss of turnover and a host of unforeseen expenses and legal liabilities.
In a new world where technology is so frequently used and online business and social media is are part of business everyday tasks, it also brings with it a growing rate of cyber-attacks and cyber crime. The costs of cyber crime are estimated to be around £27 billion a year in the UK alone and reports that 32% of businesses in the UK are more concerned about the threat of cyber crime and data loss now than they were 6 months ago. This is also due to the amount of publicity this has had in the media e.g. the ‘Heartbleed’ scandal. Large firms such as Tesco and JP Morgan have also been victims of cyber crime and data loss, but more reports are showing smaller companies are also being compromised.
These emerging risks should be incorporated into a business’s risk management and budgets to absorb this type of risk. There are 5 main types of cyber crime:
1. Phishing – attempt to acquire sensitive information
2. Viruses / malicious software infection
3. Unauthorised network access by outsiders or employees
4. Denial of service attacks
5. Intellectual Property or confidential information theft
Good risk management systems can have a massive impact when protecting your business from these types of threats however, when things do begin to go ‘pear-shaped’ there a number of insurers that can provide insurance offering an added layer of protection. If you are interested in learning more about Cyber Insurance please feel free to contact us or check out our Cyber Insurance page. For those looking at your risk management systems here are our seven safe steps to reducing your cyber risk.
1. Errors / Omissions management – have an incident response and disaster recovery plan, test run and refine.
2. Home & mobile working – develop an out of office working procedure
3. User Training & awareness – produce user security policies covering acceptable and secure use of your organisation’s system
4. Managing user privileges – limit user privileges and motior user use or any unusual activity
5. Information risk management regime – establish who will govern procedures at senior level and determine your risk appetite.
6. Removable media controls – control access to removable media and scan all media for malware before importing on to your own system
7. Malware protection – establish anti-malware defences and scan for malware regularly
Contact us for more information