Response: IoD report - cybercrime underreported
March 2016 by Stephen Love, Security Practice Lead – EMEA , Insight UK
In response to the IoD report’s findings that cybercrime is going underreported as businesses cough up ransoms - often in bitcoin - for hackers to keep their data safe, please see a response from Stephen Love, Security Practice Lead – EMEA , Insight UK.
The findings of this report are not unexpected. Cyber extortion is a method growing in popularity with malicious, online criminals and businesses commonly believe there is nothing to do but pay the ransoms to ensure the security of their data and reputation. This is what is surprising – the lack of education around data security. Today, there are many different measures businesses can take to ensure their data is safe from malicious intent, but this report highlights the lack of knowledge around these measures.
One of the most effective methods is encryption. Every organisation should be able to admit; “Yes, our network was hacked and data was stolen. However, your customer information is secure. It has made no difference to the business - reputational or financial - as we have protected ourselves so the data, if it fell into the wrong hands, is useless.”
It is crucial businesses assess just what portion of their data is most valuable and needs closer security attention. Not all data in an organisation would be deemed ‘sensitive.’ By carrying out a thorough assessment as to what data is uniquely distinct to the organisation, then discovering in what ways it’s at risk and putting in place security measures accordingly, every organisation can feel confident that they have the best defensive measures possible in place. If the sensitive data does end up in the wrong hands, it will be rendered useless.”