Risk and Reputation

The Real
Cyber Threat

It’s personal and professional

It’s estimated that 60% of small businesses close within six months of a hack

  • Financial ruin
  • Reputational damage
  • Business closure

Avoid the pitfalls

Mitigate disaster, manage a crisis

 

Imagine a disgruntled customer tweets a damaging statement about your business. People start to retweet it. The press are tipped off.

How will you react to a sudden barrage of press enquiries?

Stakeholders become concerned and there is a negative impact on your business and business reputation. Everyone from customers to investors is asking what is happening? What do you do?

Any action needs to be swift and appropriate to mitigate the damage and restore confidence. Do you have a crisis management plan to cover what you will do in case of a threat to your business reputation?

 

  • Who will manage the crisis?
  • Who will do what?
  • Who is authorised to speak for the company?
  • Do staff on the front line know what to say in response to enquiries?
  • Who agrees the content of any communication?
  • When and how will you update stakeholders?

Information security - Being open, staying safe

Secure your business

If it’s digital it can be hacked…

If you suspect a breach report it immediately – don’t wait to have all the information or dot all the i’s. Ensure you have a plan to mitigate the damage to your business and reputation including how you communicate with stakeholders.

But information security isn’t just about hacks and hackers there are other threats too.

Contact Just Business Sense to discuss the services and solutions you can’t afford not to have at prices you can.

Mitigating Digital Risk

 Fines, consequential loss, reputational damage

Since GDPR the onus is on business to report any cyber attack to the relevant authorities within 72 hours or face a hefty fine. The outcome of an attack should not be underestimated; the greatest risk is likely not the fine but far-reaching damage to reputation, potentially even wiping out your business. 

 

Guidelines for prevention and good health across devices, storage and software

In 2015 almost half of all attacks were focused on small business (Symantec Internet Security Threat report)

 

  • Keep your work policies up-to-date and under continual review.
  • Secure physical access to information.
  • Keep only essential information.
  • Ensure regular, supportive staff training, updates and reminders.
  • Have a well-publicised and communicated system for reporting, lost or stolen devices or software and any suspected suspicious activity.
  • Dispose of old machines, hard-drives correctly. Wiping and deleting are not the same as forensically cleaning.

Need help developing or reviewing your strategy, systems or processes? Contact Just Business Sense today.

%

Of Internal Incidents Have Malicious Intent

The threat from people – your employees and supply chain

A good attacker doesn’t need a firewall or password they are probably already in your system

People are the biggest security risk to any organisation both inadvertently and maliciously. A good attacker doesn’t need a firewall or password, they are probably already in your system. It’s not just malicious breach; 2018 research conducted by Shred-it, noted that more than 40 per cent of senior executives and small business owners reported employee negligence or accidental loss as the root cause of their most recent data security breach.

Risks posed by staff include:

  • Rogue job applicants intent on stealing information or passing it to third parties.
  • Employees becoming tempted to pass on sensitive information.
  • Employee negligence.
  • Accidental loss.
  • IBM – idiot behind machine also PEBAC (problem exists between chair and computer) or PICNIC (problem in chair not in computer).
  • Id10t errors – user will not recognise or admit to an error. 
Secure It

Passwords 

Keeping your information safe includes ensuring your systems are as secure as possible and strong passwords with good password management has an essential part to play . Threats can occur from both outside of and within your business. That’s why it’s important to have policies and procedures in place for preventing unathorised access from those outside of your business as well as internally too. 

Good password management – keeping your information and business assets secure –  is Just Business Sense. If you need help developing your strategy contact us for a free no-obligation consultation; can you afford not to?

Encrypt It

Machines and software – securing systems

 

  • Are your machines encrypted?
  • Do you scan regularly?
  • Is your data backed-up?
  • Have you a robust system for ensuring updates and patches are implemented speedily?

These are just some of the considerations for trying to ensure you have safe and secure systems and software. It’s important to have a policy and procedures in place for your business peace of mind.

If you’re not sure what to include or haven’t the time to work on this contact Just Business Sense for a free no-obligation discussion.

 

    Lock It

    Phones – think security!

     

    Notifications flashing up on the lock screen or worse still an unlocked device are just two issues that can spell serious trouble for your business. Indeed, an unsecured device is an open invitation not just to steal someone’s identity but potentially your business secrets too.

    Taking sensible precautions is Just Business Sense so why not pick-up the phone and give us a call? Initial consultations are free and without obligation.

     

    Think about it

    Email security

    Too good to be true?

    While few people are prone to sending their bank account details to Nigerian Princes that doesn’t make organisations exempt from increasingly sophisticated phishing attacks. Not least because scammers will phish to find the weakest points.

    Ensuring good practice, training and procedures for all staff is Just Business Sense. If you need help get in touch today.