Friday, 17 Jan 2020 Because of reputation and cost. When customers do not trust you to protect their data, or your systems have been disrupted because of a cyber-attack and transactions have gone awry, will they part with their dollars to you?
WHY SHOULD BUSINESSES CARE ABOUT CYBER-SECURITY?
Friday, 17 Jan 2020
Because of reputation and cost. When customers do not trust you to protect their data, or your systems have been disrupted because of a cyber-attack and transactions have gone awry, will they part with their dollars to you?
At the other end of the equation, there are companies who de-prioritise cyber-security as part of operational necessities, but is the risk of cyber-vulnerability worth the ‘price’ you pay post-cyber-attack?
Data breaches and other cyber threats are a PR and financial disaster. Let’s examine this fully.
Some may remember the larger and headline-making incidences of cyber-security breaches – Sony Playstation’s network breach of 2011 where over 70 million users’ details were uncovered and leaked; the network was knocked offline for weeks. The company faced lawsuits from former employees on the accusation of Sony’s negligence and failure to protect personal data.
In September 2018, British Airways became one of the most high-profile victims of cyber criminals when over half a million records of customer information were acquired by criminals after the airline’s system was hacked.
The incident took place after users of British Airways' website were diverted to a fraudulent site. Through this false site, details of about 500,000 customers were harvested by the attackers. This attack cost British Airways over £150 million in fines for their failure in preventing the data breach.
The message is clear - if corporations and enterprises don't treat their customers' data with the utmost care, they should expect severe punishment when things go wrong, especially when laws such as the General Data Protection Regulation (GDPR), the biggest shake-up to data privacy in 20 years, came into force last year.
Many within the cybersecurity community hope that these instances serve as reminders and wake-up calls for corporations and enterprises to beef up their defences against digital adversaries and have a Plan B for back-up capability.
Here, we explore the full gamut of the issue concerning cybercrime, cyber-attack, cyber-security and why a digital defence system needs to be prioritised on your business agenda.
Yes, it does. Cyber criminals can and do target small and medium-sized business primarily because the amount of automation present in numerous processes in these businesses lays these companies vulnerable to cyber-attacks.
Remarkably, an investigation by an American congressional small business committee found that over 70% of cyber-attacks happen to businesses employing less than 100 employees.
What enterprise and business owners must remember is that as larger enterprises become better-equipped with costlier cyber defence systems, criminals tend to move down the food chain and target what is unfairly termed “the low-hanging fruit”, i.e. the SMEs.
The situation has the potential to worsen, says one US-based cyber-security risk expert, as smaller companies cut back on security spending.
Experts agree on one fact: it is the data, not the size, which makes a business attractive to cyber thieves.
Especially, they highlight, if it is delicious data, such as swathes and drives full of financial data, customer contact information, credit card data, health data, or valuable intellectual property and trade secrets.
Data breaches lay bare your trade secrets. Trade secrets are what help companies have that competitive edge over competitors especially in a market where goods and services are competing for customer dollars.
This is why corporations go to great lengths to protect trade secrets. A data breach exposes these documents containing either or both intellectual property or sensitive trade secrets to attackers who may profit from disseminating these secrets. Certain corporate information can be damaging to the corporation when made public.
What happens when there is the theft or exposure of customer details on public forums, online or on other platforms?
There is an erosion of trust between customer and corporation, and there is an erosion of reputation borne by the company.
The bottom-line is that data breaches tarnish reputations.
Cyber-attacks are not only undesirable but also complicated, firstly, as cybercriminals become more agile and sophisticated in knowledge and stealth, but also, digital forensics are often costly to commission and may turn up unsatisfactory results.
Businesses should formulate a cyber-defence policy that articulates security precautions for their employees. There are several lines of defence a business can put in place to avoid falling victim to cyber-attack: