Cyber-readiness 'as critical as fire drills'
Article date: Tue, 20 Feb 2018 11:26 GMT
Data security must be treated with the same level of critical importance as a fire evacuation plan – according to a panel of cybersecurity experts – after nearly half of all UK businesses suffered a cyber-breach or attack in the past 12 months.
Fire drills are a requirement within all businesses, yet data is treated with less importance, and experts are urging for a shift in culture, to give employees the tools to react in the event of a cyber-attack.
With a cyber-attack now 125 times more likely than a fire, cybersecurity and data compliance experts expressed their concerns that only 38% of global organisations claim they are prepared to handle a sophisticated cyber-attack.
Nicola Frost, Head of Legal at UKFast, believes this cyber-crisis management process must be applied to all businesses, both large and small.
She said: “Assume it’s going to happen and plan accordingly. Every business needs to look at their culture. This new mind-set needs to become a fundamental part of your business and your induction. Where you might have once been trained in health and safety, there must now be a section on data security. With GDPR on the horizon, now’s a perfect time to look at this.”
Breaches in the last year have been increasingly linked to human factors, highlighting the importance of staff awareness and vigilance. However, according to statistics, few businesses currently provide staff with cybersecurity training (20%) or have formal policies in this area (33%).
Andy Larkum, GDPR & Cybersecurity Consultant, urges companies to train not just the technical and security teams, but all employees in the business.
He said: “The insider threat is increasing. You need to raise awareness in your business about data protection and cybersecurity. Your employees need to understand how to use data safely and securely. It’s critical they understand the implications of doing something wrong and flagging something up when they notice something isn’t right.
“Many people believe data breaches are down to hackers, but the majority of the time it’s actually the employees. Engage them. It’s time for a massive mind-set change for businesses.”
Paul Mason, education and training specialist at ethical hacking company, Secarma, agrees.
He said: “With the threat landscape continuing to develop, it’s vital now more than ever to educate your employees. We need a shift in culture where training is updated regularly to fit the increasingly dangerous cyber-landscape. Employees are unaware of the risks because they haven’t been trained in it. So, how do you make sure people understand both the significance and the importance? You train them.”
The comments were made at a panel discussion on GDPR and employee education at UKFast Campus in Manchester.
print this article.Return to Press Releases