Cyber attacks are real, dangerous and could threaten the very existence of your business. Cyber crime is rife because there’s lots of money to be made from it. According to McAfee’s latest report cyber attacks cost the global economy as much as $600 billion in 2017. Such attacks are far reaching and affect individuals, businesses and governments. That’s not to say that there isn’t much that can be done about it.
Just last month International Trade Secretary, Dr. Liam Fox launched the government’s new Cyber Security Export Strategy to promote the UK’s world-leading expertise and strengthen defense capabilities in the UK and allied countries.
Cyber attacks are threatening NATO countries as well as large global and UK organizations but the government is calling on all businesses from the UK and allied countries to ensure they have the best security when it comes to fighting cyber crime.
Cyber attacks are becoming more elaborate and there’s no guarantee that your brokerage will be immune to such attacks. But there are things you can do to reduce the risk of becoming a target, both on a business level but also on an individual level. However, it’s important, firstly, to understand the risks and to educate yourself.
Who’s at risk?
When it comes to cyber attacks, it’s countries and larger firms that are typically targeted. Much has been reported on the possibility that Russia is poised to launch a cyber attack against the UK. According to reports the British Prime Minister, Teresa May, has pledged £15m to strengthen cyber security defences. There are claims that Russia has targeted the public sector, media, telecommunications and energy sectors.
When it comes to cyber attacks, it’s countries and larger firms that are typically targeted. Given the stand-off between the UK and Russia you may be forgiven for thinking ‘it won’t affect my small/smaller business surely?’ But you’d be wrong and this type of thinking is what could also put your business at risk as it would be an easy target. Remember it’s not only Russia that has this capability – other countries, individuals and groups have this type of capability too and not all of them may want to topple just major businesses and governments.
Individuals are also said to be at risk and it’s easy to see why – most don’t have the budgets to get the best software that money can buy. It has also been pointed out that individuals are vulnerable because of how most devices in the home now connect with each other. Clearly aware of this, government has recently said it will work with industry to implement a rigorous new Code of Practice to improve cyber security of consumer internet-connected devices and associated services.
The number of devices that we connect to in our every day lives is continuing to grow at a rapid rate. According to figures produced the Department for Digital, Culture, Media & Sport every household in the UK owns at least 10 internet connected devices and this is expected to increase to 15 by 2020. The department also said there would be more than 420 million of such devices in use across the country within three years. A cyber attack would be a logical way of crippling a perceived enemy.
So what can you do?
There are several things you can do to protect your brokerage as well as yourself from such potential attacks.
Protecting your brokerage:
- Educate your entire work force: The majority of attacks are easy to prevent but that’s provided you have everyone on board and working together. Your staff can’t work together though if they haven’t had adequate training or if the training is infrequent. How often have you reviewed your cyber-security processes with your entire team? If it’s been months or years, best get started with educating them and maintaining a routine.
- Reiterate the importance of security: It’s easy for people to be careless when it comes to security, particularly when ‘nothing has happened’ and the mentality of ‘it’s not going to happen to me’ sets in. But one rogue email that gets opened by an employee going through their spam folder in their lunch break could shut down entire systems. Make it clear how seriously your brokerage takes its cyber security and tell your staff on a regular basis that they must be vigilant at all times. Provide training if you are concerned.
- Make sure you have process controls: If you are introducing new processes into the business have you thought about your cyber security needs? If not, it’s best to get a specialist in to ensure that process controls for cyber security are in place. It’s a case of going through each process and operation and asking ‘what risks am I exposing the business to?’
- Do you have the right technology in place? A while ago, we wrote about how important it is to patch systems with security patches when they are released. Make sure your IT team have a maintenance cycle and adhere to it. This will again go a long way to prevent cyber criminals from attacking your business. Update firewalls, anti virus software and encryption.
- Don’t let your staff get tricked or scammed: Your company is not only at risk from hackers – human error could be your downfall too. Humans are curious creatures and at times can be gullible too, particularly if something appears to be legitimate at first. Cyber criminals have an array of strategies to target individuals and businesses, including online scams, fraud, attacks on computer systems and prohibited content.
Educating your staff about common tricks of the trade is a must. A typical cyber scam includes telling employees that a client’s bank account has changed. Train your staff not to take this on at face value. It’s easy to have this checked too by giving the client a call and asking them if they have changed their bank account details. If you can, make sure that bank account details are amended in person rather than through emails or telephonically.
- Make sure you have the right insurance cover: A good cyber insurance policy could help you in your time of need if something does go wrong. Cyber crime and the risks associated with it are increasing rapidly and insurance can provide a good safety net.
When it comes to cyber crime you’ve got to protect the business as well as your employees working within it. It’s no good getting the latest software for your company’s laptops, cellphones, etc., when an employee’s cell phone connected to a company device ends up compromising data when they work from home or at the office. The department for Department for Digital, Culture, Media & Sport provided several tips for how individuals can prevent a cyber attack. These include:
- Researching a product before buying it. Speak to experts and look at the specs of the device online. Are you familiar with how to operate it and protect it? Speak to the retail store that you obtained the device from to ensure that it has all the security you need.
- Checking the home router does not have a default password/username: If your employees are working from home on some days it’s vital that they are protected too. Ask them to check if they have a default password. If they do, it could make their home vulnerable to hackers. Get them to change any default passwords and user names found in devices.
- Checking all available security settings: This is vital – the more security you have, the better. Make sure you regularly check your security settings.
- Checking for any updates: Encourage your staff to keep their data as up to date as possible. While it may be a bugbear to have work interrupted by updates it’s one of the best ways of ensuring that software security is functioning at it’s optimum level.
- Making use of two step identification options: Again this may create some annoyance when it comes to accessing data but if another layer of security can be implemented ask your staff to use it.
Cyber attacks can cause chaos and result in you losing vital information about your clients and other types of data that make your business function. But the truth is that prevention can go a long way to ensuring you are not vulnerable to attack. Taking these precautions both in your business and on an individual level can do much in reducing the risk of a cyber attack.
Don’t bury your head in the sand about the possible dangers that a cyber attack could pose. Remember it’s not only financial data that you could lose but your reputation as a business too. It may be possible to retrieve data but it may not be possible to restore the faith that a customer had in your business. That would take time – if it can be restored at all.
If you have any cyber security questions, needs or concerns, talk to SchemeServe who can help you put the right processes and software in place to ensure that the risk of a cyber attack are greatly reduced.