The COVID-19 crisis and the economic conditions it has created have, in a very short space of time, created a ‘sink or swim’ environment for many British businesses. There’s those that are unfortunately struggling to adapt, and those that have taken the changes on the chin – and everything in between.
In our series of blogs on the modern workplace is everywhere, we are looking into the ways that the homeworking and remote working dynamic is changing with our without COVID, with the aim of helping businesses adapt quickly and efficiently to the changing conditions. This article deals with the ever-present security consideration for growing businesses, and builds on the concept that we discussed in our previous article – that every company is in fact now a technology company – some willingly, and some not so willingly.
But whether your business has fully embraced the digital revolution, it’s vital to accept and make the ensure that everything in your business from HR systems and recruitment through to manufacturing processes and marketing automation is adequately protected by the right security provisions.
Security is a necessary evil
With companies looking to grow and navigate the COVID crisis, IT security for growing businesses can generally be filed under the “necessary evil” category – or to be even more frank, it’s a bit of a nuisance. But with IT touching almost every aspect of modern business from the reception desk to the boardroom and everything in between, a cyber attack can, and does, have catastrophic consequences for small businesses.
While it’s the big corporations that hit the headlines, smaller organisations are hit just as regularly, and although not as newsworthy, the results can be equally as devastating financially and reputationally. Don’t take our word for it – ITGovernance.co.uk produce a handy roundup of global and UK cyber attacks each month, and in April 2020 this list unfortunately included Warwick University and Zaha Hadid Solicitors in the UK amongst others.
While this isn’t a stats-shouting exercise, it’s probably also useful to note recent Cisco research which found that 53% of midmarket companies have experienced some kind of cyber security breach or another, and that of those companies, only 71% said that the breaches cost them less than $100k. In other words, not only are the threats real and common, but they are also serious.
What’s the solution?
There’s a plethora of holistic and point solutions of all shapes and sizes on the market today, but for us, the best defence against modern cyber security threats are those that are coordinated and orchestrated across IT resources and the broader business – those ‘resources’ being the people, processes and technology that the business can assemble in efforts to deter attacks. In other words, security isn’t just “IT’s problem” anymore – and businesses that maintain that attitude will often be found wanting.
Once there is buy-in across the business, it’s then about focusing on the right priorities for your business, and this can be equally difficult. In establishing yours, food for thought can be drawn from a Cisco benchmark study which found that small business are increasingly likely to:
• Upgrade endpoint security protect against more sophisticated advanced malware protection
• Consider better web application security to counter web-based attacks
• Deploy intrusion-prevention to stop network attacks and exploit attempts.
Other considerations and challenges when deciding on your cyber security portfolio is assessing the interoperability between tools, and also the management time needed to manage multiple dashboards and consoles to monitor and respond to security threats.
How can I evaluate my cyber security strategy and implement the right portfolio of tools?
Keep checking back to our website and social media over the coming weeks as we discuss different ways of facilitating modern working practices for small businesses. We also have a live webinar on Friday 5th June at 10am BST, in which we’ll provide expert guidance on the latest innovations across all the core areas of IT: networking, security, collaboration and compute.