Majority of business now have their data stored within a network and its availability will determine productivity, so one cannot afford to take the view ‘it would never happen to me’ as in a recent PWC study 87% of SME’s and 97% of large corporations experienced a form of security breach last year! So, why in a recent BT study it showed that only 17% of UK businesses class it as a main IT priority compared to 41% in the US?
Data breaches can have huge implications such as financial losses to damages to brand reputation. For example in the PWC report states the average cost of a breach to a SME is £35k – £65k and to a large corporation it is £450k – £850k!
Financial losses such as these will undoubtedly disrupt cash flow and create a dent in the company finances, causing a knock-on-effects on operations. So with consequences such as this, why are only a small amount of UK businesses worried about Cyber Security and have it as a priority, could it be the lack of knowledge on the topic?
It is a common belief that data breaches are from external threats but, it has been suggested employees often play a key role in breaches – like the PWC report states ‘serious security breaches are often due to multiple failures in technology, processes and people’.
This is further reinforced by Avecto recent article suggesting ‘that removing admin rights would mitigate 96% of critical vulnerabilities affecting Windows operating systems, 91% of critical vulnerabilities affecting Microsoft Office and 100% of vulnerabilities in Internet Explorer.’
This highlights the value of educating employees on security procedures that need to be followed and what the implications are if they are not. It also shows by having the correct privileges or admin rights in place for each user depending on their job role can make a significant difference in safeguarding the IT network.
When facing Cyber Security an attitude of safeguarding and it might happen to me is required. By being proactive to maintain a secure IT network environment, a need for continuous monitoring and amendments and most importantly educate employees on cyber security.
For more information or advice on IT security please contact us