Prevent cybercrime from taking your business offline
A risk management approach
Most companies now use the internet to do business, to advertise and sell, find new markets, customers and staff, communicate with customers and suppliers, and carry out financial transactions. The internet brings huge business opportunities and benefits. But it also brings risks. Every day there are attacks on the IT systems of UK companies like yours, attempting to steal your information and money, or disrupt your business.
Cyber crooks target businesses mainly for financial gain, either directly through ransomware or indirectly by stealing company IP or customer data to sell. Here are some of the most common attacks:
If you have never been the victim of cybercrime, it’s hard to picture your business as a target. The news tends to focus on big companies, such as BA or TalkTalk - as the targets, with millions of credit card details or customer data records stolen. If your company doesn’t hold that sort of data, why would you be a target?
The truth is that small and mid-sized businesses are easy scores for cybercriminals and the volume of attacks is increasing. Any successful business, irrespective of size, is vulnerable to attacks such as ransomware – would your company pay out £20,000 to get all your IP and customer data back, or survive losing all that information and the fines that follow? Using off the shelf applications, costing a few hundred pounds, these cyber crooks are not looking for big targets, they are looking for lots of small pay outs and any business that makes money is a target.
Sadly, the UK statistics paint a clear picture:
You can never be totally safe, but most online attacks can be prevented or detected with good security practices for your people, processes and technology. These security practices are as important as locking your doors or putting cash in a safe. You can manage your online security in the same way you would protect any other aspect of your business. With more customers demanding that their suppliers are secure, this is becoming a business necessity.
You don’t need to be an IT expert to improve your security. Simple measures can make all the difference. You can save money through adopting an efficient risk management approach - plan, implement and review. You can gain a competitive advantage by being seen to take security seriously – gaining the Cyber Essentials badge will help you do this. Good security can be an enabler for a thriving business: you will be protecting your assets, your reputation, your customers, and your peace of mind. badge will help you do this. Good security can be an enabler for a thriving business: you will be protecting your assets, your reputation, your customers, and your peace of mind.
What is directly at risk?
Your money, your information, your reputation, your IT equipment and your IT based services. Information is an asset that can take many forms: client lists, customer databases, your financial details, your customers’ financial details, deals you are making or considering, your pricing information, product designs or manufacturing processes. There is a risk to your IT services and information wherever they are stored, whether held on your own systems and devices, or on third-party hosted systems (i.e. ‘in the cloud’).
What could pose a threat to these assets?
For an in-depth look at the different personas that pose a threat to your business, download our Little Book of Breaches.
What form could the threat take?
Take a look at our EDR demo to see how an attack can happen and how to defeat it.
What impact could an attack have?
Click here to see our GDPR Fine Tracker.
Planning
Reviewing
Implementing
There is help if you need it!
Yes, it is a big task and can seem daunting, but it doesn’t have to be. Many companies are turning to a managed cyber security service, such as that offered by norm. We follow the risk management approach, so you get the best protection against cybercrime.
Andy Scutt NormCyber Ltd.
Don't leave it there! Learn more about how norm. can help your organisation to achieve GDPR compliance and support the growth of your business.