Cyber Security – it won’t happen to me…or will it!
Cyber security is not something you can choose to ignore. Push it to the back of your mind and it may come back to bite you at a later date. Don’t be the business owner that thinks ‘it won’t happen to me;’ disasters such as floods, fires, theft and cyber-attacks can strike at any time and if you’re not prepared, you’re leaving your business vulnerable to data loss. This cannot only damage your business’ productivity levels and reputation but also lead to fines from industry regulators like the ICO.
What is the ICO?
For those who don’t know, the ICO (Independent Commissioner’s Office) is basically an independent authority, which has been set up to uphold information rights in the public interest. It is their job is to promote openness and ensure data privacy for all individuals.
Businesses are responsible for keeping customer and employee information safe. This means having adequate cyber security systems in place to protect the data they hold on file. Fail to do so and they can face hefty fines.
Staysure.co.uk Limited was fined £175,000 by the ICO after failing to prevent hackers from accessing its customer records. Over 5,000 customers had their credit cards stolen and used by fraudsters, as a result of a cyber-attack on the Staysure.co.uk website. The problem was that the website was storing customers’ credit card CVV numbers and the security number on the signature strip of the cards, which is actually breaking industry rules. These numbers should not be stored at all.
North East Lincolnshire Council
Businesses and organisations don’t even need to have their data stolen in order to get fined by the ICO. North East Lincolnshire Council received a monetary penalty notice after losing an encrypted memory device containing the personal data of 286 children.
The Money Shop
Just last month the ICO also fined The Money Shop £180,000 after it lost computer equipment containing a significant amount of customer details. The issue was that the information held on their servers was not encrypted. The company also failed to remove customer details after they were no longer in use, breaching the Data Protection Act.
New cyber extortion gang
Recently it has been reported that a new cyber extortion gang are targeting finance firms and threatening to swamp their servers with data, unless they pay them the equivalent of £8,000 in Bitcoins. The group, known as DD4BC uses a substantial network of computers to carry out Distributed Denial of Service (DDos) attacks, which send huge amounts of data to a site to overwhelm it and ultimately take it offline.
These threats are out there, so it’s worth keeping clued up on what you can do to protect your site.
Now’s the time to ramp up your cyber security!
Preventing cyber security attacks
The cases above prove that cyber security attacks and losses can happen to just about any company. With this in mind, it is paramount that you take action to secure your IT systems and any information you have stored on them.
Utilising security software is the first step to protecting your business but you should also be encrypting data and making secure back-ups too. Encrypting your data will prevent unauthorised users from being able to read it, should they somehow intercept it during transmission. Backing-up your data to the cloud or an off-site server will ensure that you are able to re-access copies of your data, should something happen to your in-house system like damage from a fire, flood or cyber-attack.
When it comes to cyber security, the consequences are too big, damaging and expensive to ignore. Fail to implement adequate cyber security and you are likely to receive a fine from regulators like the ICO at the very least. Some businesses never recover from cyber security breaches and data losses, as it damages their reputation and causes major profit loss.
Don’t be the person who thinks that these things only happen to others. Be proactive in protecting your data and reduce the risk of cyber security attacks, before it’s too late.
For more information about improving cyber security in your workplace, please get in touch with Grant McGregor on 0131 603 7910
Image source: http://www.sysplan.com/capabilities/cyber_security/