016 has been a notable year for data breaches, hacks and malicious attacks.
2As awareness grows of the issue, so does publicity. One thing guaranteed for 2017 is that attacks will continue to become more sophisticated and the targets will continually change, no size of business is safe.
There are stronger EU data protection regulations being developed for 2017 and businesses should assume that such regulations will become law in the United Kingdom regardless of Brexit. This legislation states that any company or individual who processes data will be held responsible for its protection, including 3rd party providers. Sanctions for data breaches will increase and the culture of“ naming and shaming” companies will be streamlined. For companies the negative effects of data security breaches will be more substantial.
Cyber Security in 2017 – are you prepared?
Blending human security expertise with purely technologybased solutions can combat the threat. This extends to not only your internal operations but also 3rd parties you work with. Companies may wish to vet current IT providers, for example to ensure they are compliant and ready for legislation changes.
Two particular forms of data security breaches have gathered large amount of publicity. In some cases, technology can only protect you so far and the human factor is central to prevention. Blending both of them can create strong protection.
Credential theft has become more developed. Attackers gain control of the network and steal confidential data by masquerading as an employee in the business whose details they have captured. This type of attack cannot be easily detected by technology solutions. As all individuals who deal with data will be“ held responsible” for its security, companies must ensure that staff training on data security is given priority and that it is refreshed once new legislation comes in, ensuring that staff know the risks and manage those risks.
Ransomware has become a profitable malware type. Businesses need to consider what can be seen as valuable to attackers and then take steps to protect it. Constant backups, disaster recovery and up to date software are all ways to limit the detrimental effect of ransomware. Encryption when backing up data helps to reduce the risk of data loss and can show regulators that you have reached“ reasonable expectations” of data protection required.
For companies storing data on the Cloud, do your research and know where your data is at all times. Any data held regarding EU citizens is affected by the new regulations meaning it cannot be moved outside the EEA unless adequate levels of privacy protection are met. Companies should check with their Cloud providers to ensure movement or storage of their data is compliant.
Having a plan to manage your cyber security gives you clarity, helps prevent incidents and manage if something does occur.
Richard Simpson, Managing Director of Atlas Communications. Atlas provides inpremises and hosted data, network and telephony solutions to businesses across Northern Ireland and can be contacted on 028 9078 6868.
www. businessfirstonline. co. uk
49