First steps to securing your data from Cyber Attacks
It seems that a day does not pass without some form of Cyber attack hitting the IT news and when a well-known brand is involved all the media are interested. The facts are that the number of Cyber attacks are growing and that no business, small or large, can afford to ignore the potential damage a successful attack could have upon the business.
The first steps are: -
1. Acknowledge that Cyber attacks are a threat to the business.
There are many issues and threats that businesses have to confront and these, thankfully, never materialise but despite this businesses invest in insurance and physical security. Cyber attacks are not dissimilar and should not be ignored on the basis that they have not been experienced.
2. Allocate responsibility at the highest possible level for securing business data.
Enhancing security is more than just checking that the technology is working and changes in working practices may be required. These will be more readily implemented if the business sees support from the business leaders.
3. Undertake a review of the current security provisions by appointing a specialist advisor.
Cyber security requires specialist knowledge and the review required will cover existing technology protection against viruses, email Trojans, and external hacking, as well as the policies and controls over the IT systems holding sensitive data.
4. Address the gaps identified during the report.
A strategic plan will be required to enhance the security provisions in order to eliminate the risks and gaps identified. These need not be expensive changes but moreover they will require commitment throughout the business.
5. Monitor threats and modify provisions as required.
Sadly the nature of Cyber threats changes every day and businesses will need to keep the security provisions under constant review and be ready to make changes when necessary.
There are further steps to consider such as seeking certification against security standards such as the recently Government launched Cyber Essentials standard. Yellowspring has actively contributed to the development of the standard and is well placed to advise and guide businesses in enhancing their security provisions as well as securing the CE certification.