ECONOMY&US
The Economy & Us:
Cybercrime — it’s Mindshift Time Last year the ONS began including cybercrime in their crime estimates for England and Wales. The result is a 107% increase – with cybercrimes exceeding all other crimes put together! Whilst 90% of large businesses and 74% of SMEs reported a breach in the past year, everybody agrees that much cybercrime goes unreported. We’re talking fraud, theft, extortion. Not just geeks imposing ‘denial of service’ and malware for fun. Do you think your computer systems and data are secure? Informed opinion is that we will all fall prey sooner or later to hacking and/or identity theft. It’s not a matter of “if”, but “when”. Accepting this near certainty is the first important mindshift that you owe to yourself and those who depend on you. Government acts to keep our data safe (every pound stolen is a pound untaxed). The new National Cyber Centre is designed to provide all the support and advice that we need. But the reality is, we’re on our own. Even IT professionals can only advise on good practice. It’s up to us (a) to identify our worst nightmares, the data breaches that have power to inflict most damage on us, (b) to assess these risks and write down our business continuity plan so as to expose its flaws to our critical intelligence, and then (c) to test this business continuity procedure rigorously. This is standard stuff, much of which you probably know already. Your second mindshift is to act now to put it in place. But there’s a third mindshift that too many of us haven’t made yet.
Computers, by and large, don’t make mistakes. Wonderful. But we do. The weakest link in your cyber system is, beyond doubt, yourself and your people – outside as well as within your organisation. Most security breaches occur in plain view: phishing, by phone as well as email (sometimes disguised as coming from a trusted boss or associate); a “free” app; a nice-looking memory stick left lying about for the unwary to plug in. All these and more can unleash mayhem on your operation and its livelihoods. Where should you start? Take a simple test. All should score 100% on Which? magazine’s online test, and maybe even on the Cyber Essentials test at www.cyberstreetwise.com. At www.gov.uk you can bone up on cyber security guidance and free e-learning. Meanwhile, write a rule book specifying who shall have access to what kit and information on a need-toknow basis, outlawing the use of any other kit; and protect each user’s account with a strong password. Letting staff ‘bring your own device’, or install apps, risks exporting your vital data outside your control. Especially if someone leaves in disgruntled mood. In short, nobody knows your business like you. Do seek professional advice, but don’t lay aside your caveman cunning, your vigilant urge to spot trouble before it materialises and head it off. Only the fittest survive.
Nick Rowell Director of Policy Kent Invicta Chamber of Commerce Direct line: 01622 753568 Email: nick@tpbs.co.uk
June - July 2016 ThinkingBUSINESS
33