Cyber crime: It is not only an IT issue

Companies have the best chance of protecting themselves against cyber criminals and careless employees if they adopt a risk-based proactive mindset to cyber security and fraud prevention say security experts – and leaving the EU won’t change this at all.

Joe Jouhal, Avatu CEO

  • Cyber security should not frighten companies. They should see it as a boardroom or leadership business risk issue, not a technical problem
  • Whether inside or outside the EU, adopting a proactive mindset to security will give back control to organisations of their valuable data (their crown jewels). New legislation will soon force this anyway. And MPs want to make data security a condition of CEO pay
  • 94% of successful malware and ransomware attacks come through email. But there are simple technologies already available that massively reduce this and other threats

Companies have the best chance of protecting themselves against cyber criminals and careless employees if they adopt a risk-based proactive mindset to cyber security and fraud prevention say security experts – and leaving the EU won’t change this at all.

Cyber security is a major problem for businesses all around the world. But many struggle with creating a cohesive strategy to deal with cyber crime and information security because they consider it merely as a technical issue and not a boardroom priority.

Organisations leave themselves vulnerable when they don’t fully evaluate the risk businesses face. They often over-estimate their current protection and are unaware of the new more sophisticated solutions available to help.

Business leaders and the MPs also agree that many organisations need to give it more priority and ‘get real’ about the risks involved, and the costs of getting it wrong.

Stop burying your head in the sand, businesses leaders told

The chair of the Institute of Directors, Lady Barbara Judge, said that many companies are still ducking the issue.

“Although it is creeping into the remit of some risk committees, I think the whole issue of cyber security is so overwhelming to boards that often they put it in the ‘too difficult’ category,” said the IoD boss.

New legislation due to be introduced in 2018 is about to provide a sobering reminder for UK business on why they should be taking the issue very seriously.

Getting things wrong and not protecting sensitive information could cost organisations up to 4% of their global turnover.

UK parliamentary Select Committee MPs are also urging companies to penalise CEOs for data breaches that happen in their firms.

The culture committee wants to make sure digital security is a priority for chief executives by linking it to their pay.

Improving security is relatively simple say experts

There are, however, simple things organisations can do to vastly improve their protection say cyber security advisors.

“Cyber security is not a technical issue, it’s a business risk. People shouldn’t get hung up on the jargon or be paralysed by the perceived scale of the problem or the solution,” said Joe Jouhal, CEO with UK business cyber security advisors, Avatu.

“Theft is theft, no matter what tools they use. Business leaders have dealt with risks like this before and they’ll deal with them again. But they do have to face the issue head on,” he said.

“Adopting a risk-based approach, where they assess what’s most important and then protect it properly, is the first step.

“They’ll also be surprised by the new relatively inexpensive technology that already exists, which can greatly reduce their risk. Firewalls and anti-virus tools are simply not enough, these days.

“Today companies can easily protect their data at source through information rights management. This gives them full control over who can see it, and for how long. It also controls what they can do with it, no matter where the information is stored. And they can pull the plug to deny access, remotely at any time.

“Up to now, the average time it takes to discover a breach is 247 days. New technology means that organisations can know – virtually instantly – if they’ve been breached – reducing the time hackers have to do damage from many months to minutes.

“And there’s also new technology which makes email attachments safe and blocks the most commonly used route for malware and ransomware.

“There are many simple options but only the organisations who take it seriously give themselves the best chance of protecting their current position and their future development.”

For more information contact Avatu cyber crime advisors on 01296 621121 or cybersecurity@avatu.co.uk


Shares

Get our latest features in your inbox

Join our community of business leaders