Time to ‘Talk Talk’ Cybercrime – who’s at risk?

Malicious or accidental, any cyber security breach will have a negative impact on a business. It’s not just the financial cost; it can affect a business in terms of reputational damage and business down-time to name but two.

A teenager is believed to have been arrested over the Talk Talk security breach which could cost the company over £30 million.

It shows that those causing a breach don’t fall into just one particular criminal profile – it could be a member of staff within the organisation who mistakenly or intentionally commits a breach. Regardless of who they are, businesses must ensure they have robust systems, processes and financial cover to reduce the risk of such a security breach.

At this time of year, retailers will be enjoying their busiest season of the year. Handling customers’ financial information and trading online increases the opportunities for those on the look out to cause disruption. But, no sector will be immune. Whether you are in financial services or manufacturing, retail or leisure services, if your business uses technology then you are at risk and fraudsters are being much more creative in trying to access business details.

There are huge implications for the business. TalkTalk’s shares fell after investors feared repercussions of the data breach as well as the negative impact on its reputation. Interestingly, the chief executive of TalkTalk, Dido Harding, has warned of a “cyber security arms race” threatening all UK companies.

There are some steps businesses can take in the short term. The Department for Business, Innovation and Skills launched ‘Cyber Essentials’ (weblink) in 2014. It assists businesses with some basic essential steps to protect against cyber crime. Getting an accreditation will show customers the business is taking steps to curb cyber breaches. And, in response to the growing and regular threat of cyber attacks, there are tailored insurance policies to cover businesses against the impact of such a breach.

So, what can be businesses do? Some top tips include:

• Communicate regularly with employees about the need for vigilance. Make security everyone’s responsibility
• Invest in training – little and often will keep risk in the minds of workers
• Devise and implement a policy of risk management when it comes to mobile working eg remind employees of the risk of taking data off site eg USB sticks
• Ensure those tasked with IT security ensure security patches and the secure configuration of systems is maintained
• Assess your current insurance policies and speak to a specialist professional as to whether it provides adequate cover.

As Talk Talk’s Dido Harding said: “the awful truth is that every company, every organisation in the UK needs to spend more money and put more focus on cyber security – it’s the crime of our era”.