Cyber security – why no one can afford ignore it
Amethyst’s Victoria Prewer discusses why no company is too big or too small to be a victim
It doesn’t matter who you are, where you live, or what you do for a living. No one is immune from the threat of a cyber-security attack.
Most cyber-attacks occur randomly, with hackers scanning the web for any available vulnerabilities to exploit. Hackers could actually be copying your data, right now, without anyone being aware of it.
Small and medium firms are often the preferred target for hackers since they sometimes have weaker security protections in place due to a lack of budget and awareness; yet they often have access to valuable financial and personal information. Cyber-security attacks can not only have a huge impact financially, they can potentially damage a company’s reputation.
The latest UK Government sponsored information security breach survey suggests that 90% of large organisations and 74% of small businesses experienced a security breach in the previous year, with the average reported cost of an organisation’s worst security breach estimated at between £1.46m - £3.14m for large organisations and £75k - £311k for small businesses. Failure to prepare for a cyber incident and take steps to mitigate the risk may be viewed as a failure of management responsibility.
One of the most famous UK cyber-security attacks of last year was carried out on mobile and internet provider Talk-Talk. Customer records were left at risk following the breach, which revealed that not all sensitive customer data was encrypted, and that stolen data was likely to have contained partial credit card information.
CEO Dido Harding’s decision to reveal that TalkTalk was "not legally obliged" to encrypt sensitive data, and therefore protect customer information, did not help the situation.
Unsurprisingly, the incident did huge financial and reputational damage to the company, and has lost them thousands of customers.
Another large UK attack, though perhaps not so well known, was on Yorkshire tea room chain, Betty’s, which runs a successful website selling speciality foods.
Although perhaps not such an obvious target for a cyber-attack, a weakness in the company’s security software led hackers to illegally access customer names, email addresses and encrypted passwords. Luckily for Betty’s, no financial data was lost – which was wisely stored separately and securely with a certified third party.
The reality is that no business is too large or too small to be hacked. All companies must take the necessary steps to protect their data, but also guard against human error. When a cyber-attack occurs, public exposure and reputational loss can be the most destructive thing of all.
Amethyst is one of the leading independent specialists in Cyber Security and Information Assurance, with a proven track record of excellence in this field. Delivering a comprehensive range of cyber security consulting and technical services, we help clients identify and understand information risk so it can be reduced and successfully managed.
To find out more about our products and services email email@example.com
 Information Security Breaches Survey 2015: