The result of stolen data or business interruption can be hugely expensive to an organisation. In fact, Manchester United’s network was held ransom by cyber criminals last month for a fee of £50 million.
The total annual cost of cybercrime for a company has increased from $11.7 million in 2017 to a high of $13 million today, with suggestions that this will increase by 15% year-on-year for the next five years.
Many of these costs have been attributed to employee negligence. Figures highlight that 90% of all cyber-attacks are caused by human error and explains why some of the worst cyber breaches have occurred.
As a result, organisations must become more cyber security aware and conscious in every department.
By taking certain measures, organisations can help educate their employees and protect the company from the chance of a cyberattack.
Explain the risks: It is important for employees to understand the risks and learn so make the lesson relevant to ensure they retain the information explained to them.
Educate ALL employees: Everyone is equally as responsible making it important to make everyone aware and educated.
Understand the risks: Evaluate the potential threat and risks for your organisation to ensure the correct security measures are taken.
Develop a cyber security strategy: Collect information on your organisation, determining your valuable assets, what can be accessed, and then making EVERY asset classified and confidential. After collecting the information, you will then be able to take certain measures to improve different processes and reduce the chance of a cyberattack.
Ensure your policy management is up to date: Policies are essential in establishing boundaries of behaviour for employees within your organisation.
Prepare for a data breach: Put a plan in place to ensure you take the correct action when data is breached. This helps educate employees and reduce the financial damage following an attack.
Today, there are companies that specialise in penetration testing or ethical hacking, such as Jumpsec. The firms are paid to find any flaws in your company’s IT infrastructure. This is not always an expensive service - and it can be exceptional value to reduce the risk of cyber attacks in the future.