Cyber attacks, viruses, spyware, malware, DLP, ransomware, cyber extortion....the list goes on. If you are one of the many companies that feel it is all just so confusing that you just pay lip service to Internet threats by employing a simplistic approach to Internet security then beware upcoming EU legislation could punish you out of existence.
While you have until 2018 to get ready for the legislation, the threat is very real today and if you value your data and your business, now is time to start thinking security.
My recommendation is to grasp the basics first and the first step is realising that security is not a product, it’s a policy. You can’t buy an all-singing, all-dancing unified threat management device and sit back believing you’re safe. You need a security policy; one that addresses all the threats you face in terms of compromising the integrity of your data and one that assesses what the impact of that actually is.
Once you understand the threats and their source, you can put together your approach to safeguarding against them. But don’t be complacent. Threats evolve and your security policy must evolve ahead of them.
Make no mistake, security will be a significant item on all board agendas moving forward, so ensure that someone with the appropriate authority level is assigned to it, to head it up, instigate the changes necessary and ensure adherence to the rules.
The threat of EU fines may prompt you into action, but be clear an exit vote on June 23 won’t save you. Any breach of data, regardless of fines, can significantly hurt your business, your customers, your reputation and, ultimately, may mean the end of your company.
There are some quick wins using technology but this isn’t something you source from the web; you need to take professional advice.