More than 3,800 publicly disclosed cyber breach incidents occurred globally in the first six months of 2019.
These figures are frightening enough in isolation. But it gets worse. Numbers have risen by more 50% over the last 12 months. And these were just the reported incidents.
It can happen to anyone
Risk Based Security’s stats involved businesses of all sizes, across a range of industries. In reality, we’re all at risk of a cyber breach.
More data, from Beaming, shows that 63% of small businesses in the UK suffered cyber attacks in 2017. The average cost? £65,000 per victim, £13.6 billion across the year.
Identifying vulnerabilities and threats
The first step in tackling cyber crime is to understand organisational vulnerability. Experts typically point to two main things:
- Outdated systems: Cyber criminals are evolving fast and so should you. IT systems should be updated regularly to make use of the latest security patches.
- Poorly trained staff: A 2018 report from Verizon showed that 90% of all malware finds its way into businesses via email. All it takes is for one employee to get fooled, click a harmful link, for a cyber breach to occur.
Risk management
UK businesses are attacked once every minute. While you can’t avoid these attempts, you can do more to stop the attackers getting through.
Prevention begins with updates and education. Your IT team and any tech suppliers you use should be on top of the latest trends in cyber security, and regular patches and tests are imperative.
Next, train all staff about the risks and threats posed by cyber criminals – make sure they understand what’s at stake and what steps they can take to avoid becoming a weak link. If you can’t do this in-house, consider enlisting a dedicated cyber security training provider.
You’ll also find external help in the form of cybersecurity auditors and specialist insurance companies – the former will help you identify vulnerabilities while the latter will minimise financial impact should you fall victim.
Building a culture of cyber-awareness
Training existing staff isn’t the only way to build a cyber-aware culture within your business – it’s something that must be considered during recruitment too.
Your IT staff should of course be fully adept with cyber security matters, and candidates for roles in other areas of the business also need a certain level of understanding. Include basic awareness and tests as part of your hiring process to ensure you’re not making your business more susceptible when bringing new people on board.
For help expanding your cyber-aware workforce, and in building a formidable team of cyber-security experts, get in touch.
