Cyber security is an increasingly crucial aspect of UK business focus. Research shows over 50% of companies have experienced at least one data-compromising or full-on IT infrastructure attack.
But for many companies in York and beyond, particularly legacy companies, the online world and digital age is a difficult-to-navigate new land, which means their security systems are often lacking.
2020 Vision, an access control systems supplier who work across the UK, has investigated the matter further, and put together a guide to some of the risks and solutions.
GDPR serves as the Data Protection Act 2018 for the UK, updating and replacing the Data Protection Act 1998.
Contrary to popular belief, the legislation doesn’t just apply to companies within the European Union. It also applies to non-EU companies that handle any data of European citizens.
Cyber security and GDPR go hand-in-hand. Organisations should want to implement an effective strategy to help prevent any potential attacks which could see them pay harsh penalties set out by the European Parliament.
GDPR has already impacted major companies, with Facebook and Google both reported for non-compliance within the first few hours of the legislation going live.
Most frequent cyber-attacks
Malware is any program or file that is harmful to a computer user – including viruses, trojan horses, spyware and worms. Malware attacks have the potential to encrypt, steal and delete sensitive data.
It was found that 58% of malware attack victims were small businesses, and this figure is only growing — with 61% of small businesses experiencing a cyber-attack in 2017, up by 6% on the previous year.
Phishing is another form of cyber-attack, which sees an email attack masked as though it were from a reputable or well-known company. Emails will often look legitimate but will include links and files that have the potential to extract personal information from your device.
Denial-of-service (DoS attack) is another frequently-used cyber-attack. Essentially, an attacker will direct more traffic to a website that it can handle; overloading the server. Those who are genuinely trying to access the website will find it difficult.
These examples are not exhaustive; and cyber criminals are still finding alternative routes to gain access to personal, digital information. Once you know that your data has been breached, you must report it to the appropriate authorities.
Although these might sound obvious, many businesses still don’t adhere. Constantly monitor and review the procedures you have in place:
• Vulnerability — IP connected CCTV cameras can act as a gateway to corporate networks, so it’s crucial your business has the right procedures in place to deal with any issues. When new technology is adopted, ensure those using it are properly trained and knowledgeable about its use.
• Quantity of data — The introduction of the Cloud to help combat physical storage problems means more data is being handled, and the more difficult it is to manage. It is crucial that any Cloud storage is fully protected and only accessible by those who need it. This data should also be regularly backed up.
• Passwords — Passwords within the business must be changed on a regular basis, to make it more difficult for potential attacks.