Table of Contents
Your business must know how to protect the valuable data your company possesses. Unfortunately, over the last 12 months, there has been a marked increase in cyber attacks on UK businesses. The relevant figures show that cyber attackers are targeting large companies and small businesses alike. This article aims to inform you of the nature of cyber threats, so your company can strive to guard itself against cybercrime.
Why is Cybercrime on the Rise?
The COVID-19 pandemic provided the perfect conditions for cyber attacks. This is because nearly all businesses have had to work remotely. Unfortunately, remote work is often a weak entrance within a company’s IT network. By allowing remote access to employees, you may also inadvertently allow remote access for hackers.
What Information Do Cyber Attackers Want?
There are two primary forms of cyber attack:
- ransomware; and
- security breach.
Ransomware attacks involve an attacker locking the user out of their computer system. The attacker does so to demand a financial payment to return access to the system. Unfortunately, the average cost of these ransom demands is very high. Furthermore, there is no guarantee that the attacker does not retain a copy of the information for themselves.
The second main form of cyber attack involves cyber security breaches. This attempts to ‘farm’ sensitive data from your business, including passwords, usernames, employee information and bank account details. Cyber security breaches aim to steal money and critical data from your company.
Continue reading this article below the formCall 0808 196 8584 for urgent assistance.
Otherwise, complete this form and we will contact you within one business day.
Preventing Cybercrime
The National Cyber Security Centre (NCSC) aims to provide UK businesses with written guidance on managing cyber risks. The NCSC website is a handy reference point for your business. Additionally, your company can increase its cyber resilience by performing the following steps.
Staff Training
Train your staff regularly about safe cyber security, such as avoiding suspicious links or unexpected emails. It is good practice to ensure that staff receive security training yearly.
Anti-Virus Software
Your business should use up-to-date antivirus software and safe staff identification methods, such as requiring smartphone fingerprints to permit remote access. If staff regularly use their own devices to access your system, you can put a written policy in place setting requirements on employee access.
Update Operating Systems
It is essential you regularly update your computer operating system. The NHS was negatively affected by the WannaCry ransomware attack in 2017 due to not updating its Windows operating system. Microsoft regularly updates their most recent Windows platforms with security patches to avoid cyber weakness, and your company should ensure its network is regularly updated. Apple does the same with their Mac operating systems, which also receive security updates;
Strong Passwords
Ensure staff use lengthy, complex passwords. Many data breaches start through exploiting a weak password, such as ‘password’, ‘admin’ or ‘1234’. A good password uses a mixture of upper and lowercase letters, numbers and symbols (such as ‘mYstronGp@55word!!’).
Cyber Insurance
Consider taking out cyber insurance cover within your business insurance plan. This form of insurance can potentially cover your business for financial loss caused by cyber-attacks. However, most insurers require your company to practice competent cyber security as a cover condition.
Key Takeaways
Over the last 12 months, many UK organisations have suffered repeated cyber attacks. Thankfully, robust antivirus software and system security can prevent most attacks. However, it only takes one employee opening a virus-ridden email to put all of your company’s sensitive data at risk. One way of protecting your business from ransomware, for example, is to regularly back up your information onto an external server or storage device. This means that your company could potentially reload its information onto a clean system (rather than pay a ransom). In addition, your business can implement policies such as staff training, updating operating systems and taking out cyber insurance.
If you need help with data protection security and guarding your business against cybercrime, our experienced Data, Privacy and IT lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page.
Frequently Asked Questions
The NCSC website provides guidance on ransomware, phishing, device management, malware and operational security. It also provides advice on strong password use and protection of sensitive data.
Phishing is sending your business a fake email or text message that looks like it came from another party, such as your bank or a delivery company. They aim to get you to click on virus-ridden links within the message or enter bank details into a fake website.
We appreciate your feedback – your submission has been successfully received.