Cyber-crime is an issue that undoubtedly spans the globe and with an ever-accelerating rate of technological evolution, it’s no wonder that incidents are becoming more commonplace – not to mention increasingly sophisticated! But is it really an issue that all organisations need to be concerned about?
The no-frills answer to that question is yes. Cyber-criminals don’t discriminate between business types or industries – and they certainly don’t let size put them off either. Whether a multinational corporation or a regional start-up, cyber-attackers show no mercy.
It’s in this respect that SMEs shouldn’t be lulled into a false sense of security and think that cyber-criminals won’t target their business – threats are around every corner of the digital minefield, and attackers are sure to strike if a firm’s guard is down.
All businesses hold valuable data
Whether its millions of patient records or a handful of email addresses in a customer database, the vast majority of companies hold some form of critical data in their IT systems. This is arguably the primary reason why cyber-criminals don’t favour any one organisation over the other – essentially, any data is valuable data.
SMEs should therefore recognise that they’re in the same league as bigger brands when it comes to cyber-vulnerability and accept that they are just as tempting to hungry hackers looking for their next information feast.
Every organisation has employees
Ironically, SMEs that barricade their IT systems against external hackers aren’t necessarily preventing attacks from happening. Whilst implementing security measures is of course important, it shouldn’t be presumed that cyber-threats always occur externally.
New research has found that 38% of IT security incidents occur through actions taken by their employees – something we’ve explored before. And with more flexible, on-the-move working taking place in modern-day businesses, it’s no surprise that public Wi-Fi hotspotsare one of the biggest cyber-crime enablers out there. That’s why it’s more important than ever that companies realise the work that needs to be done to ensure that their workforce is the strongest – rather than the weakest – link in their cyber-security strategy.
It’s true that staff who are not up-to-date with the latest threats – or who don’t know how to use their work devices in a safe way outside the office – are potentially leaving the door open to cyber-criminals searching for unprotected data. To help avoid the this from happening, SMEs should therefore take the time and effort to properly educate and train their workforce around the issue.
Everyone faces the financial backlash
Since the new GDPR legislation was implemented in May, all companies now have to adhere to the new legal grounds for obtaining and storing sensitive data. In the event of any personally identifiable information being lost or stolen, firms face incremental fines of up to £17 million or 4% of their global turnover.
At the end of the day, whether a business has five or 5,000 employees is irrelevant – if any critical data has been compromised, the Information Commissioner’s Office will investigate each incident with the same breach checklist and allocate penalties accordingly.
Perhaps then, the most important message around the issue of cyber-crime is that no business is safe from becoming a target. But if a company takes all of the possible steps to secure and protect themselves against the threats – starting with creating a robust IT policy– they’ve got a better chance of deterring the online crooks.
Are you looking to arm your SME against cyber-criminals? Why not get in touch with the Q2Q team to arrange a cyber-security and network assessment?