We started this year addressing the up and coming trends we see happening in tech and businesses. Though our content over the past 4 weeks we have addressed a few topics, which can, in a nutshell, be summarised to a trend that is here to stay: the fast approach of digital transformation in businesses.
With the world increasingly going digital, we appear to now have another issue in our hands: IT Security
Clearly, the events of 2017 have shown that the focus on cyber crime is only increasing, and becoming stronger. We have seen the smallest and the biggest businesses being impacted by this new wave.
All of the sudden, we were facing a new challenge and asking the question: What do I need to do to stay protected?
Everyone went big about security, including us. If you are a frequent reader of our blog, every other week you would see a blog post relating to some aspect of IT security and a constant focus on stressing how important education is in preventing breaches.
We went on step further. We visited key clients and conducted security awareness sessions, only to find that the front line of most organisations wasn't in any way shape or form aware of the basics of IT security. Yet, these are the people being targeted every day!
So, when we considered writing yet another article on security, I had trouble convincing myself we actually needed it. However, when I reflected back on my personal experiences with the onsite client sessions, it was apparent that we still need further discussions around security.
This will be the year that cyber security is intertwined into how we work.
So, it is only fair that we add in this post our view of what you should expect over the next months.
Businesses will prioritise IT security
Undoubtly, all businesses in some way, shape or form, now have technology implemented that is integral to their operations. However, after seeing other companies being taken down by the events of last year, there is now a re-prioritisation of cyber-security.
In New Zealand the numbers are scary:
- 1 in 5 - number of small businesses in New Zealand that have been targeted by a cyber attack.
- $19k - average financial loss to small businesses in New Zealand who experience a cyber attack.
So, it's not a surprise that we have all woken up to the fact that something has to be done.
This might seem like a minor shift, but this is in fact the seed needed to facilitate the consequential changes.
The first step in empowering your organisation is to give your employees knowledge. There are many ways to deliver this. From online courses, through to in person workshops. The format will have to be what works for you and your staff. However, the message here is loud and clear:
Add security education to your yearly plan. Ask your IT provider about it. Get informed!
⇒ If you want a starting point, our experts have written a guide especially for this purpose called 'Cyber security tips for employees', which you can download here.
There will be a shift from reaction to prevention
Businesses recognise that this is not a game they want to be playing catch-up in. As the adoption of technology increases, the focus is having to shift from ways to react to a breech, to figuring out more secure processes to prevent data from being exposed.
So, expect to see more service offerings around "Managed Security Services” and “Information Security Consultancy ", such as those offered by Aura Information Security here in New Zealand.
In addition, bigger players are paying attention to this trend too - and building more robust tools to help us all.
Microsoft has done a great job launching a tool which we love and recommend all to consider: Advance Threat Protection. For an approximate $3 per user per month, ATP ensures the safety of your mailbox so you don't have to!
The best way to understand what the optimum combination of services, tools and hardware looks like for you is to have a chat with your IT provider. They should be all over this, and fully equipped to assist with putting in place a roadmap that addresses the three key aspects of IT security: people, process and technology.
We will see a continued growth in the use of extortion tools
As you up your proactive defenses, cyber criminals will start leveraging their own tools in an attempt to get through to your devices.
You can expect their to also be a rise of increasingly sophisticated attacks, as opposed to the simple lock and extort exercises. In fact, ransomware will become accessible, with attacks being lead by individuals with lower skills through the rise of Ransomware-as-a-service.
Because of this, businesses will require to implement a customised stack of defense systems, rather than relying on a one-stop-shop product. As noted above, your IT Provider should be able to help you with implementing the most effective solution for your business, hit them up!
It's not all bad news: There will be an increase in automated cyber security responses
All hope is not lost! With organisations struggling to manually keep up with the number of attacks, it's only natural that we will see a rise in automated cyber security defense tools too.
But we caution not to get too comfortable when defense tools are implemented. It will always be imperative to have a disaster recovery plan for your business. Many scenarios, outside of a cyber attack, can affect your ability to access your data, for example a natural disaster destroying your office. Make sure your data is backed up, with a plan and time frame expectation set to recover your data.
It's time to get real!
The foundations of our future is being laid with the rapid pace of technology advancement. With these changes come new opportunities, and also threats. Cyber criminals are aware of what is happening and constantly on the look out for ways to "jump in".
It is time to go beyond just considering security as a threat and act on it . Your first step starts with a conversation with your IT provider. Book that meeting now!