Having joined Complete I.T. as a Technical Consultant, over 10 years ago; I have been very conscious of the evolution of Cyber Security and the way we think and talk about it.
We are not talking of rare occurrences that can be ignored. There is still a feeling that this only affects big businesses but we are all targets, we are all seen as revenue streams to modern day cyber criminals. With small and medium sized organisations often being seen as the easier prey.
Cyber crime is estimated to inflict damages of $6 trillion annually in 2021, rising to $10.5 trillion by 2025!
We need to understand:
- What cyber security plans we have in place
- What the potential risks are
- What we can do to mitigate against these risks
- How much this may cost
- The consequential loss that we may suffer should we do nothing
- Clearly defining the level of risk and what we are comfortable with accepting
Taking a step back and approaching cyber security in a consultative fashion, rather than focusing, as many do, on products & solutions (e.g. Firewall & AntiVirus) only.
We must work in partnership with our IT support partners to review and process the information available to us, making sure that we don’t find ourselves somewhere down the line, with our hands tied behind our backs, having experienced data loss, an inability to do business, reputations damaged, maybe even irreparably & even huge fines from the Information Commissioners Office (ICO).
It is no longer acceptable that senior management in the SME market space avoid these responsibilities, deferring them to junior colleagues, everyone is responsible for the safeguarding of our organisations.
I’m not suggesting that we must all arm ourselves to the teeth and prepare for war or build ourselves a moat and cut ourselves off from the world. We must be conscious and aware of what is going on around us and prepared to put in the time and effort to help build awareness and understanding within our organisations.
It can be easy to become overwhelmed; however there are many simple ways to educate your teams and approach your cyber security planning. For example Cyber Essentials, this government-backed accreditation and process is a great starting point.