By: Bruce Skinner, CEO, Alto
“I’ll hazard I can do more damage on my laptop sitting in my pyjamas before my first cup of Earl Grey than you can do in a year in the field.” Q, Skyfall (2012)
Technology has become one of the unequivocal mainstays of modern business and most of us would be lost without it, but how do you protect your business when technology is wielded as a weapon and you need to prioritise the health and safety of your data?
There can be no doubt that adapting to the massive, global shift in working practices of the last 18 months has certainly been challenging for many businesses, and operating practices in a post-pandemic world have accelerated change on many fronts. Most of these advancements are positive but, as technology has continued its ascension in our everyday business lives, so too has the need to step up data security.
Cybersecurity is a term which has become widely used in recent years, but what does it actually mean for businesses and how do you stay on top of what sometimes seems like online warfare?
In simple terms, cybersecurity is any action taken to protect your company data, personal and sensitive information which is stored online, on a server or in the cloud – and it’s big business in the world of cybercriminals. In November last year it was reported that. if cybercrime was measured. its “value” would be equivalent to the world’s third-largest economy after the US and China. It’s a sobering thought when facing down an evolving spectre we can’t see but the effects of which may be far-reaching if our business falls victim to an attack.
So, with the stakes so high, it’s little wonder that the unscrupulous hackers are using every weapon in their arsenal, and rapidly devising new ones, to keep up the attack and try to infiltrate any system where they might find valuable data that could be turned into cash.
The increasing amounts of technology we use to run our businesses generates and gathers increasing volumes of data and so the likelihood of attack consequently becomes a question of when and not if – and it’s not just individual businesses at risk anymore because hackers know that, if they can break into a Managed Service and Security Provider (MSSP), they potential unlock a treasure chest of ill-gotten data.
Just as the sophistication of the methods used ramps up, so too does the number of methods deployed in the online battlefield but email systems remain the most common method of entry. Some are weapons many of us have heard of such as hacking (where people or automated systems try to access a system by any means possible) and phishing (sending deceptive emails which aim to lure the recipient into divulging data for the hacker to use). Others include data breaches or identity theft, cases of which have risen by a reported 160% since 2019, and malware malicious software which is designed to disrupt, damage of spy on a system to build up a picture of a person’s habits or online activity.
The list is growing, and fast – and so too is the range of businesses targeted. It’s not so long ago that big corporate entities were the preferred targets for cybercriminals and, although they still are, any business of any size in any sector could now find itself in the crosshairs, indeed almost half of cyberattacks are aimed at small businesses.
Worryingly, it can take over 100 days for a cyberthreat to be noticed within a business and, by then, it’s often too late. Lost and/or corrupt data which has been raked over, operational downtime, reputational damage – the list of headaches is long, and each factor has time-consuming and far-reaching implications.
Put together, it’s an apt reminder of the old adage: “prevention is better than cure” and, when it comes to cybersecurity, the saying couldn’t be more appropriate.
Clearly the best solace is to be found in proactive prevention to minimise damage to your business and the best starting point is to work with a MSSP to set up a cybersecurity strategy which works in step with training so that people can be used as the first line of defence – knowledge is power after all. They are consistently among any business’s strongest assets and, with the right licence to skill through training and education, they can offer a very important level of protection.
Cybersecurity is undoubtedly a multi-layered issue which requires multi-layered solutions so in the absence of your very own, in-house Q maybe resetting your focus on cybersecurity should be top of your corporate hitlist.