There are some things in life that are inevitable – death and taxes at the top of the list. To this list, I’m adding another modern day inevitability – being hacked!
You can be phished, clickjacked, spied on or attacked by a worm – the list of deadly attacks goes on. The types of malware and new attack vectors are growing at a frightening pace and trying to fight them off has become a daily concern.
Defending against cyber attacks and repairing the damage caused by hackers who break into security systems costs UK businesses a whopping £34 billion a year, according to the Centre for Economics and Business Research. Around £18 billion of this comes from lost revenues, whilst the IT department spends the remaining £16 billion on trying to shore up defenses.
Then there are the fines. In 2014, for example, holiday firm Think W3 suffered a serious hack in which 1,163,996 credit and debit card records were stolen. The ICO described the incident as a “staggering lapse” and issued a fine of £150,000.
And earlier this year, Barclays had to compensate 2,000 customers when their personal details were discovered on a stolen USB device – highlighting that data.
There is no escaping it – data breaches are on the increase and fines are only going to get bigger under sweeping changes to EU legislation. But all it takes is some common sense and a robust security strategy to ensure you aren’t in the firing line.
Don’t leave the doors open
When it comes to securing devices, the obvious option is encrypting and password protecting data. IT needs to install tamper-proof encryption software at the endpoint so that all data on the devices is encrypted by default. Solid security policies, when paired with advanced device management features such as remote lock and remote wipe, go a long way in protecting sensitive business data from falling into the wrong hands.
The clear message is that businesses need to get their houses in order when it comes to security. When the EU data protection regulation comes into force next year, businesses will not only need to be confident in their file transfer policies, but they will also need to be able to show a very clear audit trail.
It is not if you are going to be hacked, but when. And unlike death and taxes, this is something you can actively work to avoid.