It takes more than technology to save a business from a cyber attack – Irish Tech News – Irish Tech News
Guest post by Mark Fitzgerald, COO at Typetec.
It’s no secret that the pandemic has served as a massive wake-up call to businesses as they have seen an increase in the scale of cyber-attacks and threats to organisations. These attacks are progressively more complex, more targeted, and more persistent, now requiring an enhanced defence strategy to confront them.
It’s not a matter of if, but when a business will face a cyber-attack. Businesses must prepare for inevitability, as opposed to possibility. So, it’s necessary to have a pragmatic and tailored approach to mitigating risk in a company. A new threat looms around each corner, which can be tackled by the right resources, expertise and understanding.
Under attack
Irish businesses are overwhelmed, under-resourced and struggling to mitigate the impact of modern-day cyber security breaches and the subsequent business disruptions they cause. Business continuity is suffering, and IT systems are at risk of being weakened.
Typetec’s recent research discovered the scale of the problem as 95% of Irish small and medium-sized businesses experienced some form of a cyber-attack last year. That tells us that almost all Irish SMBs have found themselves in danger, with the potential of losing critical data, business downtime and their reputation. Just as worryingly, our survey found that a significant minority (37%) of Irish SMBs don’t have an effective disaster recovery plan in place. This acts as a clear and perilous gap which could threaten the continuity hopes of these businesses once they are successfully attacked.
While having a plan in place to mitigate breaches is one thing but having the resources to execute that plan is another. Cyber attackers are typically three steps ahead of the organisations they infiltrate, so a business needs to be ahead of the game in terms of its resourcing and security strategy.
Under-resourced
A vital question to ask is how well businesses know their security postures and potential weaknesses, and how prepared are they?
Typetec’s research found that only 60% of SMB owners believe they have a strong understanding of cybersecurity threats. What does that mean in reality? It means education is lacking and expertise is therefore often missing. It also means threats could be overlooked and businesses could be at significant risk.
The next obvious question is what can be done? While there is no one-size-fits-all solution, companies need to consider their internal resources. They should look at what they can practically manage themselves and they should consider outsourcing the more cumbersome, complex and/or time-consuming tasks to experts.
Naturally, an organisation’s ability to outsource depends on the company size and the capacity of the IT department. The last thing a business wants is a department with an unmanageable workload and the inability to cover all bases of security. To avoid stretching resources too thinly and risking a poor security posture, it can make sense to seek external expertise.
Gaining access to a team of cybersecurity specialists can also ensure your business will be able to accurately find and plug gaps within a business’s security infrastructure, and most importantly they are constantly aware of the latest cyber threats, and the best ways to avoid them.
To combat the serious risks involved and help offload the mounting pressure on internal resources, outsourcing cybersecurity management could be the answer. Skilled professionals at hand can provide assurance, and expertise and they have access to the most advanced technology in the most effective way. Outsourcing also lends itself to flexibility, freeing up employee time for other priorities.
Understanding
However, it’s also important that all internal staff have an awareness of the dangers lurking. The weakest security link in a business chain can often be its people, which is why employees need up-to-date training regularly. The opening of a simple legitimate-looking email can cause a disastrous ripple effect as seen with the HSE attack, leading to the widespread loss of data or a business being held to ransom. Our research revealed that ransomware attacks have cost Irish SMBs an average of €22,712 in paid ransoms, although this figure can multiply when business downtime and loss of service is factored in too
It’s so important to be ahead of the game when it comes to cyber security. Despite this, a majority of Irish businesses admit to under investment according to EY’s 2021 Global Information Security Survey. More than half of Irish cyber security teams (52%) fear they are exposed to a major breach which could be avoided if their businesses invested more in their cyber defences. Investing in cyber security will be beneficial in the long run and businesses mustn’t wait for a breach to happen before they boost defences. Businesses that act proactively and educate their in-house teams and outsource for additional expertise will be much more secure.
Through understanding the cyber landscape, cyber security solutions need to adapt to threats, and threats need to adapt to solutions. For a business to prepare and defend itself, it must educate and equip employees with the knowledge and tools to spot, prevent or deal with potential breaches, but also test that knowledge. They should not wait for an attack to occur to evaluate levels of understanding and safety. Be proactive, be ready and test regularly. A cyber security breach can spell catastrophe for a business, costing money, time, and reputation. If a business truly understands the risks, it will do everything in its power to avoid dealing with such consequences.
Conclusion
These attacks will keep happening and keep evolving. That means a business will have to keep defending. If a business overestimates the capabilities of its team and underestimates the resources needed, it can suffer the consequences. Organisations must truly understand the long-lasting impact and potentially disastrous implications an ill-prepared cyber security defence can have for the business, its employees, and its clients.
To avoid this, evaluate business capabilities, understand organisational needs, be proactive and plug any gaps with the correct resources. That is the secret to cyber security success.
See more stories here.
Irish Tech News are Ireland’s No. 1 Online Tech Publication and often Ireland’s No.1 Tech Podcast too.
You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news
If you’d like to be featured in an upcoming Podcast email us at [email protected] now to discuss.
Irish Tech News have a range of services available to help promote your business. Why not drop us a line at [email protected] now to find out more about how we can help you reach our audience.
You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.
Mark FitzgeraldTypetec
Follow Irish Tech News