Organisations of all sizes are increasingly reliant on the use of the internet and email to conduct business. As a result companies are storing ever growing amounts of digital data, regardless of whether they are a customer or business facing enterprise. Whilst this enables them to learn more about their client base, the risk of that data, and of IT systems in general, being compromised as a result of cyber crime is also ever increasing.
According to recent crime figures cyber crime has affected more than 30% of the adult population in the last 12 months.
A study conducted by the Cabinet Office has revealed that the cost of cyber crime to businesses is £9.2bn a year.
Your firm has a responsibility to keep customer data safe, no matter where it is stored, even if processes are beign outsourced to third parties.
So how can small businesses increase their resilience to cyber crime?
With fraudsters becoming every more sophisticated with their manipulation of IT systems it is also essential to have specialist cyber insurance in place.
With the emergence and growth in cyber risk a number of insurers have been developing new products to help protect your business when normal risk management measures fail. The market is predicting that these will soon form part of the standard insurance portfolio for the majority of businesses.
If you want more information on how insurance can support your own risk management of this increasingly targeted area then please speak to us.
- Implement a combination of security protection solutions (anti-virus, anti-spam, firewall(s))
- Carry out regular security updates on all software and devices
- Implement a resilient password policy (a minimum of eight characters, using upper and lower case letters and numbers, to be changed regularly)
- Secure your wireless network
- Implement clear and concise procedures for email, internet and mobile devices
- Train staff in good security practices and consider employee background checks
- Implement and test backup plans, information dispoal and disaster recovery procedures
- Carry out regular security risk assessments to identify important information and systems
- Carry out regular security testing on the business website
- Check provider credentials and contracts when using cloud services