search.noResults

search.searching

dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
roundtable


email attacks. Until users are better aware the problem isn’t going away.”


Bunker noted: “The majority of incidents are due to mistakes by people, not outside attacks. For example, sending data to the wrong person in your organisation, or malicious action by a disgruntled employee.”


Tate added: “Auto-filling emails and ‘reply to all’ can be a problem. It’s an ongoing battle between usability and security.”


Blumenthal summed up the panel’s thoughts by saying there was no silver bullet to solve the threat. “Every business should have best- of-breed products for anti-virus, anti-malware, firewall and patch management – on all devices, not just servers. Humans are often the weakest link, so training is important.”


Data security wasn’t an issue a few years ago, is there recognition that today it’s a board-level concern that affects the bottom line?


Companies need to recognise that data is a business asset said Richmond-Coggan. “There has been a generational and technological shift in how we exploit data. There is a growing understanding that it is a core asset that needs to be protected.”


Davis: “GDPR is raising awareness of company data and helping boards to focus on security. The ones taking it seriously aren’t just pushing the issue on to their IT department.”


Riley, general manager at Complete IT, noted: “Stricter laws, with criminal liability at board level will help.”


Bunker pointed to action being taken in other countries: “The US, Japan and Australia already have similar types of legislation to protect citizens and business customers.”


SMEs shouldn’t bury their heads in the sand, observed Blumenthal. “The Government’s Cyber Essentials accreditation scheme was launched in 2014 to help SMEs protect against online threats. It’s a straightforward way to self-certify at a basic level.”


Riley: “If you put the right steps in place, then even if there is a breach, the Government is more likely to issue a fine that is proportionate based on the actions you took to prevent it.”


THE BUSINESS MAGAZINE – MAY/JUNE 2018


Richmond-Coggan: “When breaches do happen, if companies can show they realised something was wrong, have fixed the problem, and can show how they will be better in future they will probably be fined less. The big, high-profile fines will probably be where mistakes haven’t been fixed.”


Bunker: “I think we are likely to see a number of test cases to establish the basis for fines.”


What measures should businesses take if data is lost through a security breach?


The general view was: don’t make assumptions that your data will be safe – and don’t pay ransoms.


Davis: “Never pay a ransom – how do you know you’ll get your data back? Make sure you do back-ups, preferably to a shared drive. Test your back-ups regularly, so you know you can restore all your data.”


“Businesses need to consider the speed and time it will take to recover backed-up data said Blumenthal: “I think the majority of SMEs haven’t thought about it – or tested their responses. It could take days – or weeks – to get it back.”


Bunker: “Businesses might have thought about disaster recovery and business continuity, but they need a plan that will work. A plan doesn’t need to be massive but it should be tested regularly.”


Cyber risk insurance is another aspect to consider, added Richmond-Coggan: “Does your disaster recovery plan adhere to what your insurer expects of you?”


Ridley: “Testing your back-up should be a real, live test. Turn off the server and see what happens. Can you carry on running your business?”


Richmond-Coggan agreed: “That will help flush out problems, for example, are all the essential contacts and phone numbers you need to run your recovery plan only kept on your computers, or do you have hard copies?”


Tate: “A challenge for SMEs is educating rather than scaremongering. You have to convince companies that they need plans and polices in place, even if they don’t think they do.”


Blumenthal: “Companies are beginning to realise they need to


Continued overleaf ... businessmag.co.uk 19 Dr Guy Bunker Colin Blumenthal


Amanda Melton


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80  |  Page 81  |  Page 82  |  Page 83  |  Page 84