Over recent days we have seen the two significant cyber-attacks on big businesses hit the news and these are just the ones we know about. The ability for hackers to gain access to systems through technical means is not to be underestimated, specialists work tirelessly to build and maintain secure systems that are now integral to our business and personal lives.
What is often forgotten is the vulnerability of the very people that use and operate these systems, who by definition are often the easiest way for a hacker to secure the information they need to profit from their activity. People are the biggest weakness when it comes to cyber security and how many of us are regularly trained and updated on methods and the importance of protecting information?
Data security is vital to the success of your business, yet working practices in many organisations still demonstrate a lack of awareness and understanding:
How many of us have seen the ‘Post-it note’ approach to ensuring we don’t forget that important password stuck to the very computer terminal holding all the company data?
How many of us really understand the capability of hackers to contact our call centres and encourage our staff to release that extra bit of customer information?
There is no complete solution to this and we must all work on the basis that we will at one point or another be subject to a cyber-attack, this is just a reality of the world we now live in and the risk versus reward for those who engage in this activity. To protect ourselves both personally and professionally we must ensure that our organisations remain up to date and strong in terms of technical resilience, but just as important is ensuring our people are aware of the types of methods used by hackers to illicit information and build the resources for an attack.
We must have strong control measures in place for passwords and other access information and ensure our staff fully appreciate the potential impact if we get this wrong, but equally we must ensure our people understand the many other methods used, some of which are incredibly clever. The damage caused can be fatal for a business with complete loss of confidence from your hard earned customer base.
Here at Blue Rock Risk we run a programme called Cyber Aware which focuses completely on the people side of cyber security and can be tailored to the needs of your organisation. You can find out more here. Please get in touch if we can help you and your business.
About the author – Chris Regan is the Director of Blue Rock Risk Limited a specialist crisis and risk management consultancy. Chris works with both private and public sector clients to help them plan, prepare and respond effectively to a wide range of crisis and risk issues. Chris can be contacted at firstname.lastname@example.org