Cyberattacks are big business for criminals. Which is why, if you sit in a boardroom today, you should be making cyber security your business.
It is no longer enough to leave the issue to your IT team. Managers need to understand the threats and build resilience into their business strategy so they can react quickly and maintain operations if their IT systems are compromised.
Cyberattacks pose a threat to organisations of all sizes, particularly those that handle sensitive corporate or financial information. They are no longer conducted by student hackers in their bedrooms, instead they have evolved into sophisticated and incredibly disruptive events that can easily bring a major corporation to its knees.
According to recent figures, 88 percent of UK companies have experienced a data breach in the past year, while one small business is successfully hacked every nineteen seconds. Such data breaches could cause significant reputational damage and is therefore critical that senior executives use their position to prioritise cyber security to maintain the integrity and continuity of their business.
Navigating cyber security in the COVID workplace
Traditionally, it was fairly straightforward to protect the corporate network from unwanted intrusions. However, the move to remote working has dissolved the perimeter. The proliferation of mobile devices, public cloud services, Software as a Service and home WiFi, has opened up a threat landscape which has few borders and leaves many businesses at risk.
Vulnerabilities exist everywhere and can appear overnight. Attackers can find their way into your systems and sit patiently for months, learning about your infrastructure and network, waiting for the right moment to attack. They have the power to delete your backups and encrypt your files before they have even pressed send on the email that demands the ransom. It is not enough for corporations to monitor threats only during working hours, or to cut corners when it comes to a security solution. Criminals don’t work 9 to 5 – cyber security needs to be a full-time issue addressed throughout the business at every level.
How to prioritise cyber security in the ‘new normal’
A breach poses a potentially existential threat to any organisation – particularly those who are working remotely – meaning security has to be viewed from a different perspective. The default position for every business should be to assume that it will suffer a breach. So the strategy should be to monitor the IT environment to look for threats and have processes in place that allow you to respond quickly to restrict the damage should the hackers succeed.
Last year, the mean time organisations took to identify a breach was reported to be 197 days, while the mean time it took to contain a breach was 69 days, so it’s crucial that this window of opportunity is reduced. Key points for your C-suite to consider should include:
- Prioritising security across the board, meaning all employees are aware of cyber security protocols and how to identify suspicious activity – not just those in the IT department.
- Investing in 24/7 security monitoring to reduce the mean time to identify and contain a breach.
- Ensuring an up-to-date copy of all critical data is stored offline.
- Ensuring all vaulted data is tested to check it has not been compromised.
- Making sure you report on metrics in the event of an incident in order to better understand the breach.
Having a clear communication plan that details who is responsible for reporting security threats and containing their impact.
Business managers can take the guesswork out of cyber security by investing in managed security services from an accredited cloud solutions provider like iomart. This allows security-related events to be monitored, analysed and reported 24/7, with immediate action taken to prevent a vulnerability being exploited once identified. Ultimately, businesses need to prioritise conversations around real solutions and continue to integrate cyber security into their boardroom strategy, in order to keep their employees, customers and reputation safe.