As the world, as a society, become more technology-focused it is critical that businesses, of all sizes and across all industries, continue to value their cyber security defences and policies. These periods of outages and downtime are devastating and can lead to reputational damage, not only among customers but with your suppliers, too.
Tesco issued an update, which said, “There is no reason to believe that this issue impacts customer data.” But there is the fear that hacks such as these could lead to compromised data, such as email and delivery addresses, passwords and financial details being swiped by cyber criminals.
As Toby says, businesses need to ensure their cyber security is up to scratch to avoid downtime:
“Downtime is one of the worst things that can happen to a business. If you cannot reliably stay operational than you will struggle to continue to attract business, existing customers could become frustrated at the intermittent service they are receiving and go elsewhere.
“As we have mentioned, more of the general public are shifting their habits to ordering and shopping online. This makes it even more critical that companies are cyber safe and secure, to avoid any issues that involve the loss of company or customer data – which could lead to data privacy laws being broken if the correct procedures are not in place.
“Work must be done to ensure that businesses have Business Continuity & Disaster Recovery plans in place to protect them from any larger periods of downtime. These plans use data backup and recovery products to rebuild your IT systems in the event of failure. Through carefully restored backups, businesses can be up and running again much more quickly.”
BCDR plans are not the only way in which businesses can improve their cyber security defences. What other measures does Toby recommend businesses take, in order to stay cyber safe?
“We recommend that all businesses employ the use of multi-factor authentication (MFA). This ensures that those trying to access your corporate network are actual members of staff, as opposed to a sneaky cyber criminal who has gained account information through a successful phishing attack.
“Phishing Awareness Training is a further recommendation. Training your staff should be high on the priority list, as, more often than not, they are the gatekeepers to your business. If they do not know how to identify a potential phishing email – poor grammar, an urgent action is asked of you, for example – then your business is not going to remain secure for very long.
“It is also worth reviewing your current cyber security policies. If you’ve experienced change as a business over the last 18 months, as many have, then it might be that your existing cyber security procedures aren’t as effective as they once were.”