Earlier today it was announced that Dixons Carphone has admitted to a huge data breach involving 5.9 million payment cards and 1.2 million personal data records. Whilst it states that there is no evidence that the cards have been used fraudulently, it has come as a major blow to the business. In May this year, it announced it would close 92 Carphone Warehouse store due to a fall in profits and following today’s announcement, shares fell more than 3% in early trading.
This data breach could have a devastating effect on Dixons Carphone, but it is not just big organisations that fall victim to data breaches. In fact, according to the Threat Landscape Report released earlier this year by the European Union Agency for Network and Information Security (ENISA), 61% of breaches affect organisations with less than 1,000 employees.
With GDPR requiring businesses to report breaches within 72 hours, it is essential to protect and monitor your business. Here’s how you can protect your business against a data breach.
Understand the risks
Cybercrime is often seen as just an IT issue and therefore business owners often file it in the ‘too complicated’ category. Cyber security is much simpler than that. It is a business issue, especially given the requirements and penalties associated with GDPR.
The first thing you should when it comes to cyber security is understand your requirements and the risks to your business. Hackers don’t just use IT infrastructure to infiltrate databases. Telephone systems and even printers can be used as a way in to your system, so it is important you understand where threats exist in your business.
There are relatively simple steps that can help to protect your business. Having good anti-virus software and spam filters will help reduce the number of malicious emails landing in your inboxes. Updating operating systems and software will ensure you have the latest security updates. Data encryption and security access measures can also help should hackers find their way into your system.
Monitoring software should also be considered so you can report any breaches within the time frame set out by GDPR.
The majority of successful hacking attempts come through email. That’s how Wannacry infiltrated the NHS in 2017, which means someone opened the email with the virus in it.
Spoofed emails containing viruses and malware can be used to access your system. These emails can easily be identified if staff are educated to spot them, significantly reducing the threat of hacker accessing your system and getting your data.
Work with trusted experts
Working with trusted cyber security experts will help you to understand the risks to your business. Cyber security experts, like 5 Rings Group, can review your systems for weakness and threats and help you come up with an entire protection strategy for your business.
Cyber security doesn’t have to be expensive though. We encourage businesses to adopt a risk-based, proactive mind-set to cyber security. Once you under the risks to your business you can assess where and what measures to implement.
Given the multiple ways hackers can infiltrate your business and the effect a data breach can have, can you really put a price on protection?