Cyber-crime is currently a hot topic and threatens the entire commercial and government landscape.
Perhaps the most dangerous types of malware creators are the hackers and group of hackers that create malicious software programs in an effort to meet their own criminal objectives.
Cyber crime is not just hogging the headlines: it’s posing a looming threat to the entire commercial landscape. Director asked the experts to provide essential pointers for UK business leaders
The rise of state-sponsored hacking is also putting top security researchers in an invidious position as state security organisations increasingly target them – while cyber-criminals will resort to threats and blackmail in a bid to silence them.
That is the claim of Juan Andres Guerrero-Saade, who works for anti-virus software vendor Kaspersky Labs in the US.
According to a McAfee report of June 2014, cyber-crime costs the world economy more than $400bn (£260bn); to put that into perspective, the global aid budget comes to about $100bn a year.
You know you have a cyber crime problem when the national body in charge of fighting it – Britain’s National Crime Agency – is itself targeted by hackers, as happened in September. And yet, according to a new study from identity protection experts CSID, more than half (52 per cent) of the country’s smaller firms “are not taking any preventative measures to protect themselves against cyber-crime”.
Fraud is estimated to cost the UK economy £52bn annually and 44% of UK organisations reported fraud, compared to 37% globally. The impact of cyber-crime is significant; representing £27bn of the annual estimated cost.
Some 42 per cent of small and micro businesses in the UK report having experienced cybercrime, according to a study by the Association of Accounting Technicians.
Furthermore, research has found that 60% of small businesses suffered a malicious breach in the past year and half of them had a serious incident. The worst breaches disrupted operations for small businesses for an average of seven to 10 days.
A group of experts, convened from government and industry to create an easy to understand action plan in order to help SMEs combat cybercrime, recommended that all small and medium-sized businesses should:
- Train staff to understand cyber threats;
- Keep software secure by always installing updates;
- Install and use anti-virus software and
- Use complex passwords which include a minimum of three words and a symbol.
Common problems faced by businesses include staff exposing IT systems to malware by plugging in external devices or storage such as USB sticks, opening infected emails or using unsafe websites with malicious code. Poor device passwords and out of date software also leave firms vulnerable. The Fraud Advisory Panel (FAP), an independent voice of the anti-fraud community in the UK which was established in 1998 as part of ICAEW’s public interest agenda, published guidance earlier this year to help firms considering introducing a bring your own device (BYOD) policy ensure that they have considered the associated security issues.
In summary, security is a frame of mind that leads to technology deployments, never the other way around.
The worst thing a company can do is buy an anti-virus suite and then consider the job done. Not only does every piece of software need to be constantly updated and patched, but to protect the most valuable data additional layers of security must be added and access given only to those who truly need it.
As a small business you need to take responsibility to ensure your systems are safe, as a business can you afford to lose all your data or have your business shut down for several weeks because of lack of IT security?