Irish and UK-based companies need to do more to protect their organisations from cyber-attacks and online threats. The UK government’s annual report providing insight into how the UK’s biggest companies deal with cyber security tells us that whilst 97% of firms are aware of GDPR, 68% of board members had not been trained to deal with a cyber-attack.
The report also found that only 6% of businesses are completely prepared for GDPR, leaving 94% unprepared for a regulation being enforced in just 8 months.
The 2017 IBM and Ponemon Institute survey found that the UK average cost for each lost or stolen confidential record is £98 with the average total data breach cost being £2.48 million.
Around 60% of the cost of a data breach is attributed to response activities such as incident forensics, communications, legal expenditures and regulatory mandates. A big chunk of this 60% is avoidable if your business is prepared.
As IT Manager or CIO of your organisation, you clearly need to prepare your organisation, not just for GDPR, but also to protect the company from external threats and to have a plan in place should a breach occur.
Here are 13 security questions you need to have the answers to:
- How long will our business be down in the event of a cyber-security attack?
- What actions are we taking to protect the company from the risks?
- What is our plan to address cyber security across our business?
- Are our employees properly updated and trained? People play a huge role in prevention
- If a breach occurs, what is our response plan?
- If a breach occurs, how much will it cost us?
- Do we have the right security expertise on board?
- Is our data backed up
- Do we have a secure backup not connected to any network?
- Do we have a Disaster Recovery plan?
- Are our applications backed up?
- What is our disaster recovery process?
- Do we promote a security culture?
The Trilogy blog has a number of articles that provide answers to these questions, together with some tips on how to make your organisation more secure.