A recent survey from the government has revealed that 10 per cent of the UK’s top businesses have no plan of response in the event of a cyber attack. The majority of companies also admitted their lack of preparedness for the new data protection rules, a new addition for the 2017 report. The survey polled the FTSE 350 companies about their their data protection and cyber security.
Preparation is essential
This has raised some serious concerns in the government because due to their high profiles, these companies are much more likely to be regularly targeted by cyber criminals. Not only did one tenth of the 350 companies have no response plan in place, but a quarter of them said they had no role specifically designed for responding to a cyber attack, and over two thirds said that they had not received any training showing what to do in the event of a cyber incident.
The report did find, however, that attitudes toward the risk of cyber attacks are changing. More than half of the top 350 agreed that it is a high-level risk, although some still saw it as operational-level or low risk. Furthermore, more of the company boards think they have a good understanding of the impact a cyber attack can have than when they were surveyed last year.
How to manage cyber security risks
A full risk assessment is crucial. There are plenty of free cyber security risk assessment tools available that can help get you started. If the role doesn’t exist within your organisation, appoint someone who is appropriately qualified to run ongoing assessments and ensure the latest precautions have been taken.
If you’re looking for a third-party solution, file integrity monitoring software from developers like https://www.promisec.com/file-integrity-monitoring-software/ can catch and stop breaches before they happen by monitoring and reporting changes to core files in your system.
Even common-sense employee training on fundamental security issues, such as making sure people change passwords regularly or reviewing firewall rules, can be enough to help keep some cyber attacks at bay. As the recent global ransomware attack Wannacry has shown, a cyber attack can bring businesses and organisations to their knees, whatever their size and regardless of their business type.
With the threat of cyber attacks ever more present, make sure your business is protected.