Cyber security is an increasingly pressing area for many businesses, and while tech companies have sometimes been ahead of the curve, the problem is beginning to affect all kinds of industries, threatening their assets, data and profits.
In response, many businesses turn to expensive cyber security systems and programmes, as well as specialists, to oversee the security of their computer networks and data. While these can all be hugely beneficial for maintaining an effective cyber security presence, determined attackers will always go for the weakest link. Too often, companies neglect to instruct their employees in basic cyber security training, allowing them to make simple mistakes, through which data can easily become compromised.
Training employees in cyber security, therefore, can be one of the most cost effective preventative measures a company can undertake. Here are a few things which should be prioritised when instructing workers in the basic principles of security.
Keeping networks clean
The first line of defence for any company with regards to cyber security should always be the software installed on their machines. Yet too often, companies have unclear rules over what can be installed by their employees – or even worse, no rules at all. The result can be the accidental accumulation of potentially harmful software which can compromise network and data security – employees must be told in clear terms about what they can – and cannot – keep on their work computers.
Keeping an eye out
Employees should also be informed as to what constitutes suspicious behaviour on networks. If employees are ignorant as to how data can become compromised or insecure, they will not be able to report on any problems that may arise. This is vital – employees work on the systems day to day, and can easily notice subtle changes – but they can’t report every minor change, unless they know what could be a data breach.
As well as the above, it’s always worth instructing employees in the basics of IT security. The best practices for creating and changing passwords, two-factor authentication and backup up data might seem simple, but they could be what stands between you and a hugely expensive loss of data.
The rise of the Internet of Things – or IoT as it’s often known – has delivered greater connectivity than ever before. Digital business is dependent as never before on IoT and cloud computing to deliver value. But, with over six billion interconnected objects predicted to be in use by the end of 2016, there are increasing worried about the security implications of this new technology.
(video from IBM Think Academy)
With cyber crime on the rise, the Internet of Things Top 10 project has already identified the security challenges facing the IoT and its connected devices. Smart appliances, cars and wearable tech are all vulnerable to cyber criminals ready and willing to exploit those vulnerabilities. Many devices have unsecured interfaces with the web and cloud-based resources. Some Apps are poorly secured and there is a lack of encryption for data in transit. There are issues around the physical security of devices and users and passwords and authentication issues, leading to the disabling of the Nissan Leaf app after security researcher Troy Hunt was able to take control of a Leaf’s steering wheel.
One of the major problems with IoT is manufacturers and service providers entering the sector and failing to implement common security protocols to secure data and devices. When hackers caused a power outage in the Ukraine, the first of its kind in the world, they used malware to corrupt the grid. Analysts fear that, unless cyber security adapts to meet the new challenges of IoT devices, hackers will develop new opportunities to gain entry to corporate databases and networks.
So, what can your business do in the face of the new and increased risks presented by our growing interconnectivity? Cyber insurance is expected to be one of the IoT growth industries, with fewer than 5% of manufacturers having any kind of cover. But, with premiums expected to double in the next four years as attacks increase, investment in training your workforce to take responsibility for IoT security makes good financial sense. But in the scramble for security, that smart tea maker can still make a great cuppa.