As we saw in a recent Department for Business, Innovation and Skills (BIS) survey (conducted by PwC), the number of security breaches inflicted on UK businesses has increased considerably this year.
The report showed that the cost of a breach rose to an average of £1.46 million, up from £600,000 the previous year. It also revealed that 90 per cent of major British organisations, and 74 per cent of small to medium-sized businesses were hit by security breaches.
And David Emm, Principal Security Researcher at Kaspersky Lab, has now come forward with his thoughts on how businesses can tighten their security and avoid falling prey to breaches.
The first point Emm makes is never to assume that your company is too small or doesn’t hold anything of interest for cyber criminals – any organisation could be a target, if only for the possibility that gaining access to their network could be a stepping stone to breaching a bigger firm.
So every company should have a strategy for combating cyber attacks, which he notes should cover the following elements: “It must contain an accurate assessment of the dangers, the methods cybercriminals could utilise to infiltrate corporate systems, the tools required to mitigate the risks and actions necessary for handling the human element of security in the company.”
He further advises that every staff member must be educated on the company’s security policies, as most cyber attackers make inroads onto the firm’s network by tricking an employee in some manner. Security policies must also be easy to understand, and communicated to staff in varied forms, written and verbal.
He notes: “Companies often put policies in place and have staff sign a one-off agreement of understanding, but then fail to ensure this is monitored with systematic awareness and education sessions that make imaginative use of various tools to ensure security is always front of mind.”
As we have observed in a past article, the best defence against cyber crime and data breaches is to get your employees on board.