MASS Manchester Region Co-ordinator/Partner and Head of Injury Department, Kate Sweeney, warns us to be on our guard and prepared for an attack!
If you thought the 'Attack of the Cybermen' was simply an episode of Dr Who, then think again! (Incidentally, it was – the best of which was in 1985 when the lovely Colin Baker was Dr Who!).
Cyber crime has now overtaken physical crime in the UK, with over 50 per cent of crime in the UK now being done online. It’s estimated that almost one million new malware threats (and that’s a computer virus or other malicious software virus to you and I) are released every day, and it’s not just big companies and organisations that are being targeted. These cyber hackers are after everyone – including you and me, personally and also professionally, as they are targeting the law firms we work in.
It’s estimated that cyber crime costs the global economy around $445 billion a year, and to the UK economy the figure was estimated in 2013 as being $11.3 billion. Whilst debate rages about actual cost, there is no doubt that it is costing our economy and us, a huge amount and that it is undoubtedly a serious issue.
But how seriously are you taking it? Did you read the news about TalkTalk - and who hasn’t in the last week or so - and Ashley Madison, and others before them such as Carphone Warehouse, Domino’s Pizza, EBay, Google, Target and many, many other high profile, and indeed high tech IT companies – and think we are safe?
You need to think again. Small to medium sized businesses are just as appealing to cyber criminals and hackers tapping into this profitable black market, as are the big organisations mentioned above, if not more so, because we tend to have weaker online security, because we tend not to have the budget to spend on security technology or indeed cyber insurance and because we don’t think it will ever happen to us.
Statistics suggest otherwise. And we need to be prepared for it. Do you have cyber security covered in your disaster recovery plans? You need to establish a security management strategy, so in the event you are targeted, your entire organisation works together to prevent and deal with attacks should the worse happen, and, chances are it will happen, if not already.
Have you looked at and obtained cyber insurance? It’s out there and is a growing market.
Have you looked at getting some basic cyber credentials – have a look at the Cyber Essentials Scheme as a basic starting point.
And there are other, simple and fairly cheap things you could be doing to improve your cyber security. Like training your staff.
Employees are often the weakest link and 95 per cent of breaches stem from human error. Our staff are no exception. Make your staff aware of the latest threats, such as phishing scams – do you staff even know what a phishing scam is? You need to create a culture of cyber security. Everyone in your organisation needs to understand the importance of cyber security, so provide regular training and share latest cyber scams.
Ensure if your staff use their own personal, insecure mobile devices for work, or vice versa, that you have a mobile device policy, which can minimise the security vulnerability the use of such devices brings.
And sharing information outside your organisation is also helpful. According to recent figures, only 36 per cent of security and IT professionals share information with industry groups, which contrasts sharply with how fast cyber criminals work. Do you know that when hackers release a wave of malware-laced spam e-mails, it takes only 82 seconds for someone to get duped and become the first victim (source: Verizon Security).
Choose a security system that fits your business. I know times are hard and money’s tight – but can you afford not to? We are as much at risk as large corporations and we all need to do more to protect our own organisations information and our clients’ information. And not just their data – how secure is your firm’s business banking and credit card information? Cyber criminals are sophisticated and clever and we need to be prepared, rather than to avoid, cyber threats. Not to could cost us dearly, both financially and reputationally.