Size doesn’t matter!

Back in May a well known furniture retailer was hit by a cyber attack which took all it’s back office systems offline.

Today, several weeks later, the company is still trying to get everything back up and running.?Meanwhile, customer orders remain in limbo leaving customer patience and its reputation in jeopardy.?This is a group with annual turnover of more than a quarter of a billion pounds.?One can imagine that the IT budget was not insignificant.?The retailer shut down systems as soon as they realised and according to their press release, no customer data was lost or compromised.?However, the damage caused is clear for everyone to see.

Now, not every business generates the sort of annual income as this company and therefore the vast majority operate with an IT budget a fraction of the size.?So what does that mean for businesses constantly under threat of attack?

Well, as with most things, it’s about being smart in your approach.?As with anything, it’s possible to get tied into long term commitments, pay over the odds for a product or solution or merely buy into the marketing blurb that claims it’s the best thing since sliced bread.?Then sit back, relax and get on with the ERP project or the rolling out of O365.?Job done.?Well not quite.?The battle is constant.

I genuinely have a shiver go down my back each time I’m told that the business has not reviewed its cyber security arrangements for over a year.??I get that we’re in unprecedented times and even before the pandemic, many SME’s were operating with a single IT resource and not a department blessed with 10-20 highly skilled IT professionals.?That said, today’s modern working environment has evolved considerably with many businesses adopting remote working, BYOD mobile policies, increased email usage or a combination of these and other factors.?

Cyber criminals do not just look to exploit weaknesses in systems but they also target workers too.?A busy or stressed worker is the perfect target as they are more likely to click on a link or respond to an email sent by a criminal impersonating a member of the board.?Increasingly, today’s employee spends some or all of their time operating outside the protection of the office perimeter, relying on a vulnerable home WiFi network or using business applications on a mobile device.?It’s therefore vital that all businesses recognise that staff are another area of cyber investment they should be making.

Businesses need to educate staff so they are clear on how they can play a huge part in protecting the company assets, the client data and help avoid weeks or months of lost revenues and lasting brand damage.?Security Awareness Training is inexpensive and easy to deploy across any sized business and therefore is proving increasingly popular among businesses looking to protect themselves against the threat from cybercrime.

Find out more:?https://lnkd.in/e3ciE-U

#cybersecurity #usertraining