Data is a valuable currency, whether it’s personal details, customer accounts or sensitive corporate information. It’s certainly not an area where businesses can afford to take risks, especially if a company’s share price, reputation and even existence is at stake. Yet how many companies have a dedicated cyber security department?
Taking cyber security more seriously
It’s a myth to think your IT department can shoulder cyber security on top of their normal workload. Rather than a job that needs cables, servers and a cool, darkened room somewhere, it needs specialist training, advance planning, a clear strategy and a degree of ‘black hat’ thinking – someone who has the ‘what if’ frame of mind when it comes to possible threats.
It’s a sentiment Richard Wilding, Head of Cyber Services at PKF Francis Clark, agrees with: “Cyber security is all too often thought of as an IT issue, rather than the strategic risk management issue it actually is.”
Richards adds that companies can benefit from managing cyber security risks across their organisation – drawing effectively on senior management support; risk management policies and processes; a risk-aware culture and the assessment of risks against objectives. It’s a developing and fast-expanding role that’s part programmer, part risk assessor, part detective, part director.
Do you need a cyber security professional?
If you’re a CEO, business owner or board member unfamiliar with the terms in this blog, or you’ve already experienced a data breach, it’s time to consider a dedicated cyber security professional or even a department.
Fighting cyber crime is a constant battle and criminals are using ever-sophisticated tactics that are increasingly harder to detect – many of which are beyond the reach of off-the-shelf anti-virus packages. Installing McAfee on every computer and hoping for the best is not acceptable in today’s digital age.
Did you know one of the biggest threats is from within?
Many people think cyber crime results from clever hackers unlocking computers remotely but often it’s cruder than that, with staff themselves opening the door to malicious behaviour.
The risk stems from giving staff unrestricted access to the internet. While every employer knows a degree of online shopping and social media browsing is to be expected, it’s not what they are doing but where and how they are doing it that matters.
Browsing the web is an invitation for harmful viruses and malware, often embedded in downloadable material, emails, pop ups and adverts. When staff access these in the workplace, it leaves networks far more exposed to hackers waiting to steal information.
Cyber espionage and other crimes
While siphoning off bank details in order to empty accounts naturally springs to mind, cyber threats in the workplace take many forms. From harvesting data to sell and stealing inside information for business competitors to hacktivists with political agendas and terrorist activities designed to cripple, a company has to be on guard on a round-the-clock basis as criminals will easily identify a chink in your cyber armour.
A reactive and proactive task
Protecting key information assets is of critical importance to the sustainability and competitiveness of businesses today. “Companies need to be on the front foot in terms of their cyber preparedness,” adds Richard.
A good cyber security expert will examine the current levels of security, finding any weak spots and creating a plan of action to close the gaps. They may look at past data breeches to identify flaws and suggest investments to create a more robust network. The evaluation of security levels, however, needs to be constant with hackers and criminals continually developing new ways to harvest data. Security and risk analysis is also a daily task, as is intrusion detection, and malware monitoring and reversing.
Devising cyber security training programmes
Prevention is also a key part of cyber security, and companies can work with HR to deliver meaningful training programmes to existing staff and new recruits. Part of this can include the development of password protected and single sign-on solutions to ensure corporate data is only accessed by those who have the right, and awareness courses so employees can recognise bogus emails and websites.
In the time it’s taken you to read this blog, your company network could have been hacked. If what you’ve read has made you nervous, you can tap in to our pool of cyber security experts looking for new opportunities.
Get in touch with our specialist IT & Software Solutions recruitment team here.
Charmaine’s extensive recruitment career started in 2001. Heading up our IT Recruitment Division, Charmaine has an uncanny knack of sourcing uniquely skilled talent for our clients and this is coupled with a tenacity and a great work ethic resulting in many recruitment success stories. Her ability to stay calm when …