Cyber security, computer security or IT security is the protection of computer systems from theft of or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide. Cyber security analysts help prevent attacks through their expertise and knowledge of databases, networks, hardware, firewalls and encryption. Cyber security analysts may also regulate access to computer files, develop firewalls, perform risk assessments and test data processing systems to verify security measures.
In a world where so much communication takes place online, our personal and business security is constantly under threat. We store so much information online and often pay insufficient attention to putting in place and updating security measures that protect our personal and business data. What are the real risks and do we really need to services of cyber security companies?
In September a case was held at The Old Bailey where job hunters applying for positions at London’s Harrods store were targeted by cyber criminals. The position appeared to be posted by well-known recruitment company Blue Arrow, but this was a fraudulent cover. When the job hunters downloaded the job descriptions and application forms, they infected their computers with a bug. The hackers then retrieved personal details that enabled them to clear the job hunter’s bank accounts, totalling over a million pounds.
This may seem a relatively small scale target, which has no relevance to you. So, imagine the detrimental effect if your company’s computers were targeted. Not only could your business data and finances be stolen, but in most cases valuable information regarding your clients, suppliers and partner organisations. If it is worth stealing the bank accounts of job hunters, imagine the value of your business to a competitor if a hacker were to sell your client database, intellectual property and profits.
PWC were commissioned by the department for Business, Innovation and Skills (BIS) to conduct a cyber-security survey with UK companies. The aim was to identify trends, specific threats and to build awareness of the risks to business. The results showed that security breaches were growing, particularly amongst SME’s. Large businesses were facing a significant attack every few days, leading to losses of funds and data. Despite this, most businesses were struggling to keep up with updates to security measures.
The biggest cause of security breaches come from employees, who are often unaware of the potential outcomes of simple actions. These include transferring information between home and work computers via USB sticks, using weak passwords to access restricted data and logging onto social media sites on a work computer. The PWC survey suggests that 36% of the worst breaches were a result of human error. Despite this 42% of the large organisations surveyed didn’t provide security training for their staff.