Despite the fact that on an almost weekly basis there are industry and public news reports stating that yet another company has fallen victim to a cybercrime, and despite all the warnings issued by security firms, the majority of companies across the board are still very much lackadaisical when it comes to cybersecurity.
The irony is that many CEOs, CSOs and IT managers will read that last part and shake their heads at the “other” companies, when chances are that their own security measures have major flaws or loopholes. Yes, an impregnable security system is nearly impossible and yes, high-grade cybersecurity does cost a pretty penny, but it has sadly come to the point where it must be stated that some security is better than none at all.
A recent Lloyd's of London study shows that an overwhelming number of European businesses have been breached within the last five years. It is hypothesised that the lack of security is directly correlated to the perceived impact that a breach has on a company. A concerning trend has arisen in which businesses tend to greatly underestimate the impact of a breach. 13% of these businesses believe that a breach will not affect trade at all. That is like watching a meteor descending from the heavens straight to one's face and then uttering “It’ll be okay”.
The fact of the matter is that breaches will have an effect on any business, one way or another. Many business owners only think of the upfront costs of a breach, mostly in the form of money lost or stolen. This is logical, as the consequences are quickly quantified in terms of Dollars, Pounds or Euros lost. However, what many of them fail to see are the hidden or lasting consequences. A small breach today can in fact place a Trojan in a system that can lurk and collect data for months, even years, before the fateful day when a massive data dump occurs and a company’s information is lost to the ether. Then there’s the cost of damage to a business’s reputation once it is reported that it has been breached. The loss of trust with clients can, at times, be irreconcilable.
The European Union has recently announced that effective May 25th of 2018, the General Data Protection Regulation (GDPR) will come into full force. This regulation stipulates that any company or organisation has up to 72 hours to report a security breach lest it be fined up to 20 million Euros. This is not some small slap on the wrist. 20 million is a hefty amount of cash and can cripple, or even bankrupt, a business. The sad part is that most business owners in Europe are not even aware of what the GDPR is, when it will land and how it will affect them. They don’t even know that their potential savior, in the form of cyber insurance, exists. Cyber insurance will not only help organisations recoup financial losses from an attack, but can also help deal with violations of regulations like those of the GDPR.
David has held positions as Operations Director and Head of IT in legal and professional firms for more than 10 years. He is a Director and co-owner of Amazing Support, a Microsoft Silver accredited and specialist Managed IT Support and IT Services company. David actively helps SME businesses receive better Managed IT Support and IT Services in the London and Hertfordshire areas. He also assists overseas companies that are looking to expand their business operations into the UK and helps with their inward investment IT process. He is a professional member of The Chartered Institute for IT (BCS) and an event speaker promoting business start-ups and technology awareness. Married with a son, he can often be seen riding his bicycle around the Hertfordshire towns! David regularly participates in charity bike rides for the British Heart Foundation.