Despite the economic downturn in some areas of the world, many businesses are continuing to grow quickly. Turnover and profits are increasing, as is the number of employees. However, and rather unfortunately, with all this positive growth comes unwanted growth in other areas. Naked Security has recently highlighted research from Ernst and Young which reveals how the growing risk of cyber-attack for businesses is at dangerously high levels as 96% of 1,909 executives questioned believe their businesses are vulnerable.
While this news is startling, we should remember that this is not necessarily a new revelation. In July a KPMG report revealed how in the UK, all FTSE 350 companies are vulnerable to cyber-attacks. Clearly this problem has not been addressed properly for too long.
Furthermore, big businesses might be just as vulnerable as the small. From the LinkedIn hack of 2012, to the recent cyber-attack of Adobe which compromised 38 million accounts, to the very recent loyalty card attack of the Irish firm Loyalty Build, businesses across the world appear to be under fire from hackers and cyber-attackers. The effects of these attacks can be incredibly damaging to business reputation, particularly to banks, and can irreversibly damage customer trust. Examples of how this trust can be lost were highlighted earlier this summer by Arta Sylejmani in her blog assessing the evolving threat of phishing attacks.
So how can we, as businesses, employers and employees, respond and hold fast against such a growing risk?
The starting point is the front line; we must assess passwords and the strength of our authentication systems and solutions. Multi-factor authentication is one way to ensure this front line is reinforced to the extent that a cyber-attack will be futile. This multi-factor approach is essentially the most logical approach to the issue of identity/authentication security. Why have one layer of protection when you can have many which increase security without compromising convenience? Our Protiva brand in particular serves as a prominent example of this.
But how else can we protect ourselves from the growing swarms of cyber fraudsters?
Another way is to recognise how we must think in the correct way; we must consider the perspective of CIOs and what security challenges are currently plaguing them. Our research last year into what keeps CIOs awake at night revealed these challenges, in particular that of BYOD (Bring Your Own Device).
Our findings showed us how a third of employees use their own personal devices on their company network despite warnings and company policy in place to stop this. This BYOD trend could be putting numerous employers at risk and could be the main thing keeping your own CIO awake at night. I’d recommend either avoiding the trend and conforming to company policy or putting all personal devices through rigorous security checks before using them for work purposes so as to ensure against weak links.
Hopefully our CIOs will soon be able to sleep more peacefully; however, this will only be possible if we act now to protect ourselves and recognise how we, as businesses, can no longer ignore the growing security risk of cyber-attacks.