The risks of neglecting your cybersecurity

Oct 23, 2020 | Blog

Over the last decade, the way we communicate with our colleagues, customers and partners has changed dramatically, thanks to email and other forms of digital communication. In fact, 98% of businesses depend on some kind of digital communication to operate. Since the outbreak of Coronavirus, this behaviour has shifted again with significant, industry-wide jumps in video calling and VoIP traffic especially.

While operators, ourselves included, are managing this usage spike and ensuring ongoing service for our customers, businesses are increasingly at risk from another source: cybercrime. With more business operations moving online, and more employees working from home, new vulnerabilities have emerged. Hubspot says that, “with worldwide fear and uncertainty, we’re experiencing the perfect storm for cyber crime and online scams.”

With so many minds now focused on how to keep business operations afloat, we’ve seen new internet-based risks emerging, and old ones that have been reinvented to capitalise on the panic created by COVID-19. Examples include attempting to access personal data, intellectual property and/or tarnish the reputation of an operation.

 

Cybersecurity – why is it important?

If a Managing Director decided not to lock the office doors at night, when the site gets ransacked and all the hardware goes missing, people would immediately blame the MD – rightfully so – and any business’ cybersecurity is no different. If your operation is leaving the digital door open for thieves, then at some point or another, not addressing the situation is going to leave you open for a digital ransacking!

That’s because cybercrime is big business, and nobody is safe. Cyberattacks are rarely carried out these days by bad actors working alone: hackers often work in organised teams, using cheap off-the-shelf malware to attack thousands of businesses a second, often funded by organised crime in remote and untouchable places.

Even if assets or valuable data aren’t stolen, a cyberattack will likely slow down or even prevent systems from operating at all, causing the business to grind to a halt, costing money, reducing productivity, eroding customer perception and jeopardising the entire operation’s survival.

Therefore, the only logical conclusion is that businesses need to protect themselves from these dangers to have the best chances of operating for the foreseeable future. This includes smaller operations – the idea that only large, established corporations are at risk is a giant misconception.

 

Are businesses, both large and small, really at risk?

Sadly, yes.

Around a third (32%) of businesses and two in ten charities (22%) report having cybersecurity breaches or attacks in 2019, and the numbers are much higher among large and medium operations (60%), as well as high-income charities (52%).

Consider too that in 2019, over 60% of business and half of all charities used cloud-based computing services and that number will have only increased since the start of the Coronavirus pandemic. Growth areas like this are significant focuses for cybercriminals as there’s a lot of potential victims to choose from, and some of them will have lower standards of security than others, making them optimum targets. Plus, new services like Zoom and HouseParty – that have recently gained major publicity – haven’t had years’ of trials and testing ‘in the wild’ to address any overlooked vulnerabilities, which again presents an attractive proposition for bad-actors looking for a way to quickly breach an organisation’s system.

In businesses that have had a negative financial impact because of an attack, the average cost to the company was £4,180. Yours may be higher or lower, but remember, this figure doesn’t take into account other factors like how perception in the market may fall and the loss of ongoing customer revenue, the financial impact of the decline in productivity and any time spent rectifying the issue.

 

What can be done to resolve it?

There are many technologies and services available, like firewalls, VPN services, automated or managed threat detection, but the most critical tool for any business in tackling cybersecurity risk is education.

Most attacks rely on human error in not recognising fraudulent websites and emails, or other impersonation strategies, which is understandable as humans are far easier to convince than a machine.

But, if businesses did more to educate their staff around how to identify fraudulent emails, or how to validate whether a website is genuine or not, the majority of cyberattacks would fall by the wayside, allowing IT teams and ISPs to focus on stopping the highly-technical breaches that are harder to prevent, like DDoS attacks and ransomware.

We were stunned to learn that, in 2019, less than three in ten businesses (27%) and charities (29%) report having asked staff to attend internal or external training, including seminars or conferences on cybersecurity. This proves just how far we still have to go to lock all the doors and windows of our metaphorical digital offices.

For more information, please download our full cybersecurity ebook or call us on 0161 672 9900.

 

*all statistics derived from the DCMS’s ‘Cyber Security Breaches Survey 2019’

[  Other news stories you may be interested in  ]

How to help your team work better together

How to help your team work better together

The trend towards remote or home working – either to replace or in hybrid with a typical office environment – has taken a massive leap forward following the COVID-19 pandemic. While an uptick in a business’s green credentials might be an immediately obvious benefit, remote working does come with its own unique set of challenges.

read more
Why you shouldn’t wait for getting back to the office to adopt a 2025-proof UC calling solution

Why you shouldn’t wait for getting back to the office to adopt a 2025-proof UC calling solution

The effects of COVID-19 have shown us all the struggles and challenges of working from home. While we may all be desperate to return to the office and see our colleagues again, remote working is here to stay, and it’s already a significant consideration for businesses in their future planning. But it’s not all down to the COVID-19 pandemic. Many businesses were already looking to adopt Unified Communication platforms to refresh their calling technologies before the ISDN…

read more
Has rural home & business connectivity been forgotten?

Has rural home & business connectivity been forgotten?

Long before the global pandemic ground the world to a halt, and saw new connectivity services and fault resolutions being prioritised for critical functions such as blue light services, pharmacies, utilities, food distribution outlets and financial services, rural homes and businesses were patiently waiting for the high-speed internet services that the rest of us take for granted. Now, with limits to travel and engineer availability, will those in the green belt be left behind?

read more