Business Law: No size of business is immune to cyber attacks, warns Jennifer Howard Dobson
PUBLISHED: 17:07 19 September 2017 | UPDATED: 17:07 19 September 2017
In recent months, there has been a spate of cyber-crime stemming from ransomware infiltrating large businesses on a global scale.
There appears to be very little discrimination as to the type of industry sectors targeted. Whilst the estimated sum of €50,000 was paid in ransom to the creators of WannaCry, the financial impact on companies is projected to run into the billions of dollars not forgetting the negative emotional impact particularly on those that suffered through the NHS’ attack.
Whilst our British stoicism meant that NHS medical staff did their best to work around the situation, clearly it is preferable that ransomware should never have been able to access the NHS systems in the first place.
No size or type of business is immune to a cyber-attack and therefore it is important to check the safeguards your business currently has in place. The following steps may be helpful:
1. Review threat detection and anti-malware software. Any relevant updates offered by your software provider should be installed as soon as they become available. It might be prudent to review your contracts with your IT service and software providers to ensure that automatic updates themselves won’t leak ransomware into your systems.
2. Comprehensively and securely back up your computer systems and data.
3. Carry out formal cyber security training for all staff members.
4. Make cyber risk a regular discussion matter for the company board.
5. Whilst investment into cyber security is key, it is not always financially possible to install protections in one go. By evaluating key assets and data that may be targeted and protecting those in the first instance, this should help focus efforts and expenditure on the key elements on the business most at risk.
6. Set up an Attack Response Plan as part of business continuity policies and ensure the plans and policies are practiced so any remaining vulnerabilities can be identified and remedied.
• Jennifer Howard-Dobson is a a solicitor within the corporate commercial at Ellisons. To contact her, email firstname.lastname@example.org or call 01473 556900.