Cyber security breaches: The danger that lurks within
4 min read
23 November 2012
British cyber security breaches could be coming to a business near you! Make sure your SME does not suffer from problems with your internet security, by following Martin Leuw's advice.
Some years ago, I was faced with a crisis. A product release went wrong and as it hit customers’ desks, our helplines went into meltdown, coupled with an explosion of customer complaints on business social media sites.
Mistakes happen, but we must learn from our experiences. Situations like that are not ones you want to repeat if you desire to live a healthy life and continue in business.
In the aftermath, we held a series of team-wide “Look back and learn” sessions to get to the root cause of the problem to prevent it or anything like it ever recurring, as well as a response process to deal with crises in an organised way (including a communications plan).
However, as businesses have multitudes of risks and you never know when they are going to creep up on you, I also put in place a Risk Radar to register those situations that were potential major issues (Amber), could turn nasty (Red) and outlined the actions we were taking to get them under control (Green). They were reviewed at our monthly executive meetings to avoid surprises, and became part of the way we did business.
Last year I joined the Board of Clearswift as chairman. The business operates in the cyber security space, which can mean different things to different people. To put it into context, the recent release of Skyfall highlighted the dangers to nation states of this new wave of digital cyber terrorism, but what it didn’t touch on was that this is also coming (or may already have arrived) to a business near you – possibly yours.
Once upon a time, the CEO of a business would rely on his or her IT Department to put systems in place to increase efficiency and to navigate the alien world of technology speak on the business’ behalf, while asking few (probably not enough) questions.
How times have changed over such a short period! The release of the iPad followed by other smart devices, their extensive use in the workplace (Bring Your own Device or BYOD) and the rapid emergence of cloud applications has created a whole host of new risks to sit side by side the benefits of mobile working.
High profile brands (the most quoted being Sony Playstation but there are many more) have been brought to their knees by headline news highlighting the leakage of valuable, personal customer data and IP into the public domain. Regulatory fines have increased substantially (cap of £500k in the UK since 2010 under the regulatory jurisdiction of the information commissioners office) but these are negligible compared to the brand stress and lost business involved.
Cyber security is now a strategic challenge that requires discussion at board level, in businesses of all sizes. The opportunities of mobile working and social media to enhance business growth in this tough climate are massive, but they come with the need for a risk radar and solutions to protect you – both in terms of software and employee education.
Many situations arise from accident and employee ignorance, rather than malice. For those of us not born into the digital age, this is a new world and understanding the threats and putting in processes to protect you is not just best practice, it is essential.
Martin Leuw is a serial entrepreneur and former CEO of IRIS, the UK’s largest private software house.