North Wales Management School - Wrexham University

The importance of taking cyber security as seriously as physical security

Posted on: January 26, 2022
by
Hands on a laptop with a hologram of a padlock overlaying it

All businesses know the importance of physical security. In retail environments, you’ll often see security guards on the shop floor, metal shutters that cover the door when the shop is closed to deter burglars from gaining access, and CCTV cameras covering both inside and outside to prevent theft or vandalism. 

In office spaces, as well as security personnel posted in the reception area, you’ll often see video surveillance systems to track who comes in and out, and physical barriers to get into workspaces like turnstiles or access control systems which only operate when an ID card is presented or access codes are entered.

As businesses become increasingly digitised, there is a pressing need for all organisations to protect not only their physical space, but also their digital space and virtual data centre where sensitive information is kept.

Common forms of cyberattacks

A data breach is when confidential or sensitive information is accessed without permission, often by a hacker who is looking to steal this information to sell on.

These breaches occur in the following forms of cyberattack:

  • Ransomware is a multi-staged attack where hackers usually infiltrate and infect the target’s network, encrypt as much data as possible, then send the target a ransom note stating they’ll release the data for a fee (though often, they won’t release the data after money has changed hands).
  • Malware is software, often in the form of a virus, designed to gain unauthorised access to a computer to steal data, and to destroy the computer system.
  • Phishing is an email scam which is involved in the majority of data breaches. Suspicious emails are sent to a target and when the target follows a link or downloads an attachment their computer, and their company computer network, is at risk.

The rise of data breaches during the pandemic

In 2020, it was confirmed that over 3,950 data breaches occurred within businesses across the world, including 500,000 Zoom teleconferencing accounts being found for sale on the dark web. As more people were working from home during the pandemic, more people were vulnerable to cyberattacks as many workers were operating entirely online to complete day-to-day tasks and interact with colleagues.

54% of organisations required remote work in response to Covid-19, and this increase in remote working reportedly increased data breach costs in the United States by $137,000. On top of this, 76% of participants in IBM’s Data Breach Report said remote work increased the amount of time it took to identify and contain a data breach, putting companies at increased risk. While physical buildings have alarm systems that are alerted to security threats, digital threats often fly under the radar initially until they become a huge problem when they are eventually spotted and rectified. 

Why do data breaches occur?

When a company is targeted, a hacker is primarily financially motivated. By acquiring data and personal information, they can sell this for large sums of money. In some instances, the cyberattack may even trick an employee into sending cash via bank transfers by posing as someone senior from within the business.

Even in the cases where money isn’t directly taken, a security breach can be hugely detrimental to a company’s reputation and can cost a lot of money if systems are taken offline – due to both a temporary loss of business as well as the cost of fixing the issues.

As the number of breaches within businesses continues to rise, it is evident that many businesses aren’t prepared or protected against this digital security risk. 

It’s important that all businesses carry out a risk assessment on their information security and their corporate digital defences against breaches regularly. Much like security teams will always be vigilant and aware of the weak spots in a physical building’s access point, for optimum mitigation against cyber security attacks an IT team must know where their digital weak spots lie.

How to improve digital security measures

There are many ways a company can improve their digital security measures and prevent a cyberattack from happening.

These include:

  • Limiting access to the most valuable data – As valuable data is incredibly lucrative to hackers, making sure only key members of the workforce have access to it is important. This can be done by encrypting the data and password-protecting it, whilst also keeping track of who has the means to access it. Much as security solutions for valuable items in a physical space would include locking them away safely, you can lock away your digital data so it’s not easily accessible.
  • Train employees on security awareness – The most common cyberattacks and data breaches occur when an employee opens a suspicious email, so having a reliable training system in place to enable employees to spot, avoid, and alert IT teams to these attempts can go a long way to preventing security threats.
  • Ban the use of removable media – Many companies already have this security policy in place, but it is an often unknown fact that the use of removable media comes with a high risk of cyber security attacks. By banning their use entirely, businesses are able to keep their defenses up slightly higher.
  • Update software regularly – When a network isn’t patched and updated regularly, it may be vulnerable to attacks. By having a team in place responsible for this, it is a fairly easy and cost-effective method of improving digital security methods.
  • Develop a cyber breach response plan – If a data breach happens in your facility, you want to know it will be dealt with quickly and efficiently. Being able to get a business back online is important, but so is ensuring trust and faith from your customer base that their personal information is secure and that you will handle the situation quickly in the case of a breach.

Learn how to make a business safer

As data breaches are on the rise, more businesses than ever are looking for skilled cyber security professionals who can keep their sensitive information safe and protected against cyberattacks.

North Wales Management School’s 100% online MBA Cyber Security is studied part-time so it can fit around your current commitments. This degree will teach you key risk management and risk control measures in cyber security, will give you an in-depth understanding of cyber security technologies, and will equip you with techniques for securing digital business technologies which you can apply to the real world of work.

Further your career with a specialist MBA, and become a sought-after graduate in the fast-paced field of cyber security.