016 has been a notable year for data breaches , hacks and malicious attacks .
2As awareness grows of the issue , so does publicity . One thing guaranteed for 2017 is that attacks will continue to become more sophisticated and the targets will continually change , no size of business is safe .
There are stronger EU data protection regulations being developed for 2017 and businesses should assume that such regulations will become law in the United Kingdom regardless of Brexit . This legislation states that any company or individual who processes data will be held responsible for its protection , including 3rd party providers . Sanctions for data breaches will increase and the culture of “ naming and shaming ” companies will be streamlined . For companies the negative effects of data security breaches will be more substantial .
Cyber Security in 2017 – are you prepared ?
Blending human security expertise with purely technologybased solutions can combat the threat . This extends to not only your internal operations but also 3rd parties you work with . Companies may wish to vet current IT providers , for example to ensure they are compliant and ready for legislation changes .
Two particular forms of data security breaches have gathered large amount of publicity . In some cases , technology can only protect you so far and the human factor is central to prevention . Blending both of them can create strong protection .
Credential theft has become more developed . Attackers gain control of the network and steal confidential data by masquerading as an employee in the business whose details they have captured . This type of attack cannot be easily detected by technology solutions . As all individuals who deal with data will be “ held responsible ” for its security , companies must ensure that staff training on data security is given priority and that it is refreshed once new legislation comes in , ensuring that staff know the risks and manage those risks .
Ransomware has become a profitable malware type . Businesses need to consider what can be seen as valuable to attackers and then take steps to protect it . Constant backups , disaster recovery and up to date software are all ways to limit the detrimental effect of ransomware . Encryption when backing up data helps to reduce the risk of data loss and can show regulators that you have reached “ reasonable expectations ” of data protection required .
For companies storing data on the Cloud , do your research and know where your data is at all times . Any data held regarding EU citizens is affected by the new regulations meaning it cannot be moved outside the EEA unless adequate levels of privacy protection are met . Companies should check with their Cloud providers to ensure movement or storage of their data is compliant .
Having a plan to manage your cyber security gives you clarity , helps prevent incidents and manage if something does occur .
Richard Simpson , Managing Director of Atlas Communications . Atlas provides inpremises and hosted data , network and telephony solutions to businesses across Northern Ireland and can be contacted on 028 9078 6868 .
www . businessfirstonline . co . uk
49