BUSINESSES are facing an ever-increasing cyber threat, but the majority have no idea how to protect themselves or even how to recognise an attack on their company.
UK businesses of all sizes reported a 22 per cent increase in cyber crime in the past year alone, resulting in more than £1 billion in losses. Half a billion personal records were lost or stolen. Just last month we saw a large-scale DDoS attack causing major outages for Twitter, Spotify, SoundCloud and more.
Publicity around incidents of cyber crime and security breaches has been heightened and there is a greater public awareness of possible financial loss and risk of compromised privacy, but recognising the risk and dealing with the risk are two completely different things.
Polly Purvis is chief executive of ScotlandIS. She says the financial and reputational cost of lost data, of having your systems hacked, of falling foul of scammers is significant, and she warns that hackers are becoming “increasingly sophisticated”.
“It is a real challenge to keep on top of the latest developments. Sharing information across security agencies, and through business associations, and other groups is important in keeping everyone up to date.
“With the increasing roll out of the ‘Internet of things’ with ‘smart’ devices for example in our homes, at work and in transport – makes implementing good security practices even more important.
“And the increasing effort being made by unfriendly hackers, criminals and governments of other countries to disrupt, damage and infiltrate technology systems means that the threat is potentially enormous. Which is why we all need to put in place sensible procedures to ensure we are as protected as we can be.”
So what are “sensible procedures”? What can businesses do to protect themselves from a cyber attack?
Well, since 2012 the advice from governments in the UK and the US is to assume you are already under attack and further to assume that your defences have already been breached. You should make your staff aware of the risks out there and have clear cyber protocols in place to help them to avoid getting you and them into hot water.
Stuart Macdonald is MD of Seric Systems and specialises in cyber security. He says the threat to Scottish businesses is “massive and underreported”. He said: “Eighty per cent of our security customers come to us through panic rather than planning and I wish that wasn’t the case.”
He points to information sites like cyberstreetwise, for those needing the ABCs of Cyber, to programmes such as Cyber Essentials and Cyber Essentials Plus. These programmes put best practice advice into place and test it with a third party.
“Currently, Scottish Enterprise has 100 per cent grants available for SMEs wanting to put Cyber Essentials in place. However, this grant funding runs out in January 2017, so I would urge businesses in Scotland of any size not to let this funding slip through their fingers, but to go through Cyber Essentials now and make their businesses more cyber resilient,” said Macdonald.
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here