Cybersecurity | How To Avoid A Data Breach In Your Business

Posted 21 November 2019

Cybersecurity is more important than ever before, with the rising risk and costs of cybercrime putting it firmly on the global agenda. A new global survey reveals that cybersecurity is ranked the number one external concern by U.S. CEOs, and with a total of 10,600 reported breaches in the UK alone since the EU’s General Data Protection Regulation came into force last year, UK businesses are under pressure to sure up their defences against cyberattacks.

With hackers and cybercriminals developing increasingly sophisticated techniques and more smart devices than ever connected to the internet, breaches have affected businesses in almost every sector worldwide. From government agencies to retailers, educational institutions, hotels, transportation and logistics, companies and organisations across the UK are investing in cybersecurity to protect their data. And with the UK’s data watchdog now able to fine a firm up to 4% of its global turnover, it pays to protect your data.

So how do you make sure your business doesn’t hit the headlines for all the wrong reasons? Our cybersecurity tips can help you avoid a data breach, protecting your reputation, customer data, and bottom line.

How much do data breaches cost businesses?

On average a breach can cost a business over £4, 000, according to the 2019 Cyber Security Breaches Survey commissioned by the UK government. Of the reported breaches, phishing topped the list of attacks (80%), followed by impersonation, either by email or online (28%), and viruses, spyware and malware (27%).

Costs and losses can vary hugely, however, with damages from the 2017 ransomware attack on Maersk and FedEx’s European subsidiary TNT of over $10 billion , temporarily crippling the business through disruptions to its global shipping operations for several weeks.

Aside from the immediate costs recovering from a data breach, such as investigations, security upgrades, penalties, and damages paid to those affected, the ‘hidden costs’ such as reputational damage can be huge. Take Facebook for example – in the aftermath of the recent data-harvesting scandal said to have affected up to 87 million users, Facebook’s stock dropped £25 billion and a campaign to ‘delete Facebook’, started by highprofile users of the network, went viral. The loss of trust in companies than handle personal data can be difficult to recover from - Facebook’s reputation is very different now to what it was a year ago.

With cybercrime predicted to cost over $6 trillion each year by 2021, companies shouldn’t wait for a crisis to happen before investing in cybersecurity risk management – prevention is cheaper than the cure when it comes to data protection.

How to protect your business from cybercrime

There are several ways companies can protect their network and systems from cyberattacks. Here’s our top four:

  • Secure your hardware
    Safeguarding the security of company hardware often gets overlooked, but the loss or theft of devices is a real threat. Start with the basics - protect every device with a complex password and only share the password with the device user. Install ‘find my device’ software on all laptops, tablets and mobile phones, so that if the device is lost the authorities can locate it quickly.

  • Have a third party evaluate your data security risks
    Data security experts and other third parties can offer an objective, outside view of a company's weak points when it comes to the risk of a data breach, and will offer solutions to reduce these risks and keep your data safe.

  • Create a security-focussed company culture
    Many employees will use their personal devices for work, but simply banning this often doesn’t work as policies tend to get ignored or forgotten about. Instead, teach staff how to use their personal and work devices in a way that minimises the risk of getting hacked. Top priority should be educating them about the risks of unsecured networks to access work information. Specify where unsecured networks are often found, such as hotels, airports, cafes etc. Make sure employees know how to verify if a network is secure – you’ll need a password or PIN to access a secure network.

  • Encrypt and back up personal data
    In case your data does fall into the wrong hands, protect it by making sure it’s encrypted – including the data on work devices. Encrypt all sensitive data, such as employee and customer information, and all business data. You can get full-disk encryption software on almost all operating systems. Have a backup plan in place for your data too: look into backing up system files via either external hard drives or cloud storages and decide what’s best for your business.

Want more information on Cybersecurity? Read our free whitepaper here. Or, to talk to us about growing your team, get in touch.