Cyber security is not a priority for a majority of businesses

According to a quarterly survey from the merchant banking group, Close Brothers, 63 per cent of UK companies have chosen not to invest in better cyber security over the next 12 months, despite the fact that nearly that same amount are concerned about being victims of cyber crime. The decision to forego cyber defences is especially surprising considering that 24 per cent of UK companies have experienced at least one cyber security breach since May 2015, according to government data.

On average, a single cyber security breach can cost a company between £1,860 and £36,500, according to the most recent government research. However, that amount does not include the cost of business disruptions, lost sales, recovery of assets, and fines and compensation. So, when tallied up, the final cost can be between £75,000 and £3.14 million.

Yet, the financial cost of a cyber security breach is not the only reason why a company should invest in a more robust security programme. If UK companies want to continue doing business with continental Europe, they will have to comply with the EU’s General Data Protection Regulations (GDPR)—regardless of how Brexit negotiations go. While the GDPR will not come into force until 25th May 2018, your company should nevertheless begin implementing the regulations now. To help, the Information Commissioner’s Office (ICO) has released 12 steps to help your company adopt the GDPR, which can be found at:

https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf.

In addition, to strengthen your company’s cyber security, here are four general best practices:
1. Provide annual cyber security training for your entire staff—from interns all the way up to directors and officers.
2. Remain up to date on cyber security trends, which should include both new cyber security threats and cyber defence software.
3. Install anti-virus, spyware and malware detection software on all company computers as well as employees’ mobile devices.
4. Develop a written incident response plan, which should include what the procedure is in the event of a cyber security breach.

If you have any questions about your cyber security and protecting your risk, please contact A-Plan’s commercial team.