What industries come to mind when thinking about those least likely to be attacked by cyber criminals and organisations? Agriculture is probably near the top of…
This article was first published in South West Business Insider magazine.
Cyber and information security has been creeping up strategic risk registers for businesses over the last few years, especially since the Covid pandemic led to an increase in remote working.
For some, it has been catapulted to the top by hackers who do not discriminate between organisations and industries. Cybercrime is a threat which is industry agnostic and will continue to be prevalent.
The disruption of Covid forced many organisations to scale their IT support and remote working capabilities overnight. When these types of tasks are performed quickly, security is rarely top of mind. This meant that the sudden expansion of many IT networks created new opportunities for the hacker community.
Fast forward a couple years and IT teams are now trying their best to retrospectively fix those longstanding issues, but also scope and scale their internal controls and processes to future-proof the organisation.
Unfortunately, the concept of future-proofing is a bit of a chimera when it comes to cybersecurity. No-one can ever be completely cyber secure, as has been proven by some of the largest IT support and infrastructure specialists, such as Microsoft, falling victim to hackers. The reality is that if the hacker community are targeting your company and want to succeed, they will. It’s just a matter of time.
While that paints a very bleak outlook, the good news is that most companies are not being targeted by the most skilled and well-funded cyber hackers. Therefore, taking measured steps and procedures to protect your organisation can stop you becoming an easy target.
What should you do?
So how can organisations improve their cybersecurity posture? Here’s a five-step framework for your efforts:
- Make someone responsible and accountable for cybersecurity at senior management and board level, and empower them
- Identify and analyse the areas of your business which are most sensitive and most at risk
- Assess possible solutions to address the risk exposure, taking into account costs, the expertise required and timeframes
- Allocate sufficient budget so cybersecurity can be continuously improved year-on-year
- Repeat steps 2, 3 and 4 at least annually and soon after any significant organisational changes
If organisations do not have the necessary skills and expertise in-house, PKF Francis Clark’s team of cybersecurity specialists can help. Every day we work with clients to demystify the world of cybersecurity and help them embark on a journey which is commensurate with their business’s risk profile, risk appetite and strategic plans.
The reputational costs of a cyber attack can be even greater than the operational impact, leading to the loss of customers and suppliers. We want to stop companies becoming headline news and safeguard their brand as well as their ability to do business.
Find out more about how PKF Francis Clark can help protect your business from cyber attacks.