With even organisations as vast as the NHS falling victim to cyberattacks in 2017, cybersecurity should be high on the list of priorities for anyone involved in the IT end of business. With increased digitisation across all industries, coupled with new government directives promising potentially devastating fines for organisations failing to secure their data, the importance of digital security is only increasing and is likely to continue to do so. What is the potential cost of failing to secure stored data, and how can you protect your business from potentially devastating costs resulting from such failures?
The cost of security failures
According to IT security firm CGI and Oxford Economics, cyberattacks cost UK investors over 42bn, with a major data breach permanently reducing a businesss share price by nearly two per cent and cyberattacks leaving FTSE 100 companies, on average, 120m worse off. This is, however, only the direct cost of the cyberattack. New government directives promise even more incentive to secure data.
As part of a 1.9bn Network and Information Systems (NIS) strategy, businesses that fail to secure private or sensitive data could be fined up to the greater of 17m or four per cent of their global turnover. Under this scheme, FTSE 100 companies could be fined 6.4bn per year, given the current rate of data breaches. The hope is that such substantial penalties will force businesses to properly secure sensitive information.
Protecting your business
As most cyberattacks are attacks of opportunity rather than targeted attacks, the best way for small- and medium-sized enterprise to reduce the chance of a costly breach is to maintain up-to-date firewalls, virus protection, and file integrity monitoring software from companies such as https://www.promisec.com/file-integrity-monitoring-software/. Up-to-date software – not just security software – greatly reduces potential exposure to loss and fines.
The highest loss from cyberattacks, however, is the result of phishing attacks – by using email, social engineering or software scams to acquire legitimate credentials and thereby access systems. The only way to prevent this is through employee education and best practices, primarily in recognising and avoiding potential scams.
IT security is already a massive concern for businesses; however, with potentially catastrophic fines, its importance will only increase across every industry and size of business. A relatively small investment in security can save millions in damage and fines.