Cyber security is the protection of everything that makes up your computer network.
The term is sometimes confused with information security, which is the protection of your information in digital and hard-copy forms.
Since the EU’s General Data Protection Regulation came into being, along with other data privacy laws around the world, cyber security has become a vital part of running a business. Why? Because businesses are now legally obliged to safeguard the personal information they hold.
So information security has become a vital part of cyber security, and by protecting your computer network, you’re also protecting your data.
The pillars of cyber security
Three pillars – employees, business processes and technology – comprise a business’s cyber security infrastructure.
To comply with data privacy regulations, businesses now need a cyber security strategy that includes:
1. Staff who are trained in cyber security awareness,
2. Processes that protect your business’s systems, networks, programmes, data and devices from cyber attack, and
3. Technology that will reduce your cyber risk.
Because cyber threats are constantly changing, cyber security can’t be a one-off exercise.
- Staff need to keep current with the risks they face, and the solutions and qualifications available to them.
- Processes need to be reviewed and altered every quarter to remain relevant.
- You need to keep up to date with trending cyber security technology.
Why does cyber security matter?
1. Cyber criminals have become more discerning about who they attack
Attackers are targeting small businesses because they expect them to have less resources, knowledge and old-fashioned security measures in place, and are therefore easier targets.
– Stat 43% of cyber attacks target small businesses (Verizon’s 2019 Data Breach Investigations Report)
2. There’s money in cyber crime
Cyber crime is an industry so, like every other big business, there’s effort and investment going into making it work. Cryptocurrency has enabled cyber criminals to extract ransom payments that are untraceable and consequently this makes cybercrime an attractive proposition.
– Stat Global breaches will cost businesses at least $5 trillion dollars by 2024 (Juniper Research)
3. Cyber security has become a legal requirement
The General Data Protection Regulation (GDPR) and other emerging privacy laws such as the pending POPI (Protection of Personal Information) Act have made cyber security compulsory for businesses that collect, store or process personal data.
– Stat 30% have made changes to cyber security because of the GDPR (Cyber Security Breaches Survey 2019)
4. Costs relating to cyber crime have risen exponentially in recent years
Data breaches that break privacy laws result in costly fines. In addition, unhappy clients whose data has been compromised can result in massive reputational damage.
– Stat £4,180 is the average annual cost for businesses that lost data or assets after breaches (Cyber Security Breaches Survey 2019)
5. Cyber security has risen to board-level importance
Because of the financial, operational and reputational risks associated with cyber attacks, it’s no longer just the IT department that needs to handle cyber security. Top level management has to be involved to manage the broader risk associated with cyber attacks.
– Stat 78% of businesses say cyber security is a high priority for their organisation’s senior management (Cyber Security Breaches Survey 2019)
The opportunity in cyber security
If you’re seeing cyber security only as a legal obligation, remember that having a cyber strategy in place gives you a competitive advantage. When your systems and data are protected, your business will be at less risk of data loss, financial loss and damage to its reputation.
DID YOU KNOW?
32% of UK businesses and 22% of UK charities identified cyber security breaches or attacks in the past 12 months (Cyber Security Breaches Survey 2019)