In just 2016 alone, major global corporations, charity organisations, dating websites, social networks and many more businesses became victims of cybercriminals.
Cyber security breaches are an issue that affects virtually all UK businesses but awareness is still low
The recently released UK Government Cyber Security Breaches Survey confirmed that not only big businesses and enterprise organisations are being targeted by cyber criminals.
“Two-thirds of big British businesses have been attacked by hackers in the last year”
Now, small and midsize businesses are becoming a top target for hackers.
SMEs are attractive to cybercriminals because of major failings in their IT security:
• Lack of time and budget for expert IT Security resources makes these an easier target
o No dedicated IT security experts on payroll
o Failure to keep all tools up to date allowing for easy to exploit security vulnerabilities
• Lack of risk awareness
• Failure to secure endpoints
SMEs often offer a means to gain a foothold on the interconnected ecosystems of larger organizations with which they partner. Any vulnerability in the security of these SMEs could be used as a way to launch an attack on the larger organization’s infrastructure.
Cyber security breaches affect all kinds of businesses and the cost can be substantial
The government survey shows that the estimated average cost of all breaches over the last 12 months is £3,480 but this increases to £36,500 for large firms. The most expensive data breach in the UK according to the survey was £3 million.
It is difficult to estimate the total cost of a cyber security breach, because many costs are not easily quantifiable, such as damage to reputation and potential loss of existing and future customers, and as such costs are typically massively underestimated. Globally, data breaches cost billions of dollars in remediation and restitution.
Between 2014 – 2015 companies like Adobe (152 million customer accounts compromised), eBay (145 million customer accounts compromised), JP Morgan Chase (76 million customer accounts compromised), Target Stores (70 million customer accounts compromised), and Home Depot (56 million customer accounts compromised) have all became victims of data breaches and faced crushing scrutiny.
Encryption is no longer an option!
For many years the use of encryption on the internet primarily revolved around e-commerce or financial services businesses and focused on websites (desktop experience). Companies who were collecting financial and other personally identifiable information (“PII”) would protect their customer’s data during web transactions primarily through the use of HTTPS/TLS encryption and by encrypting “data at rest”, or data files and databases which store PII data on the website’s servers.
But times have changed. Encryption is no longer an option! It’s a duty you have to the users of your services and your responsibility as a business owner is to protect them regardless of the platform they are using to interact with your brand.
As a responsible business, you need to insist that your website, mobile app and any platform you are using to interact with your customers is secure, each time and every time.
To speak with one of our experts about making your business secure simply contact Qredo team via our website www.qredo.com