How many times did hackers try to breach your network this month? Do you even know?
In a recent IBM-commissioned study conducted by Ponemon Institute, it was revealed that organisations in the UK reported an average of 22,800 data breaches in the first 6 months of 2018 alone. That’s 3800 breaches per month or, more alarming, 124 breaches per day.
How do you measure attacks on your network? Do you even have provisions in place to do so?
I realise we’re probably a bit of an exception with this because our company is full of brilliant men & women who eat this kind of thing for breakfast, but the study did give me pause to think just how many local businesses within 10 miles of our HQ in Gateshead actually don’t have any way of knowing if they were attacked until after it happens?
Are you one of them?
With 124 attacks per day, I feel like it’s only a matter of time (and probability) before you get attacked too – but that’s not the worst of it.
I remember when we started Advantex back in 2002. A ‘cyber attack’ or a ‘hack’ was usually someone attempting to get access to an email address or files to use for their own purposes and that was that. Maybe a little bit of damage and a day offline but nowadays a cyber attack or ‘data breach’ carries much more risk for business owners.
Ticketmaster were recently on the receiving end of this in a data breach that resulted in customers being warned they could be at risk of fraud or identity theft after the global ticketing group revealed a major data breach that reportedly affected tens of thousands of people.
That is bad enough, but when you combine that with the threat of punitive fines by the ICO under GDPR for not reporting data breaches within 72 hours of becoming aware of them, the issue becomes a lot more costly. According to the report, attacks of this nature cost UK companies approximately £3m in the first 6 months of the year.
In the case of Ticketmaster, and any other well known household brand, the damage to reputation could be far more costly.
You can still protect your network with good habits
Only 50% of breaches involved a malicious or criminal attack, with the remaining 50% split into two causes that I think you can overcome by introducing better internal procedures. For example, 26% were due to negligent employees or contractors and 24% involved system glitches, including both IT and business process failures.
We put together a handy little guide a few months ago about things you can do to try and help your staff keep your network secure. To help avoid IT and business process failures, I’d recommend booking a security audit from your IT Support provider as soon as possible – and at least bi-annually after that.
Finally, the study also found that the faster a data breach can be identified and contained, the lower the costs. Companies whom identified a breach in less than 100 days saved more than $1 million as compared to those that took more than 100 days. Similarly, companies that contained a breach in less than 30 days saved over $1 million as compared to those that took more than 30 days to resolve.
Clearly, the main lesson learned here is to have internal procedures and security systems in place that are designed to identify threats (and breaches) as quickly as possible.
We offer a number of IT Support Packages to help protect your workplace from threats like this but they are all quoted for on an individual, case-by-case basis. We learned long ago that no two environments are the same but it does pay to have that conversation as soon as you can and arm yourself with enough knowledge to make a plan of action.