It can only take a second’s loss of concentration to destroy a business, one online click while a person is distracted that allows criminals to compromise an IT system and wreak havoc.
The results can be devastating for a business, causing lost income, massive inconvenience and in some cases such serious damage to a company’s reputation that it never recovers and ceases trading.
That is why every employee in every business must be trained in cyber security, according to Alan Stenhouse, who runs Scottish business AST Risk Consultancy & Training Services Ltd.
Alan was speaking as concern grows about the risks posed by cyber criminals using ever-more sophisticated software to seek out gaps in companies’ defences.
Indeed, the Cyber Security Breaches Survey (2017), commissioned by The Department for Culture, Media and Sport (DCMS) as part of the National Cyber Security Programme, found that just under half (46%) of all UK businesses identified at least one cyber security breach or attack in the past 12 months. This rises to two-thirds among medium firms (66%) and large firms (68%).
Alan says that a few common-sense measures can go a long way to protecting against the likes of viruses that infect systems or ransomware, whereby access to data is blocked through encryption and only occasionally released after payment has been made.
He said: “There have been plenty of warnings and plenty of high-profile recent incidents to confirm that the threat is very real yet too many people still take the view that it will not happen to them.
‘In my experience, a lot of companies only take cyber security seriously after they have been attacked, which is too late because the damage has already been done.
“If you are sitting in your office thinking ’it won’t happen to me’, then think again because if you continue to ignore the dangers, it will.
“Cyber crime is a very real threat and it is everyone’s responsibility in an organisation to guard against it.”
Alan’s advice to managers and employees alike includes: