Cyber attacks loom large every day in our ever-more connected world. As I have said before in previous blog posts, more and more cases of cyber attacks are appearing in the headlines on a daily basis, such as the recent case of Mole Valley District Council.
From reading the news, it would seem that only large institutions or government departments suffer data breaches. Is it that these organisations are more susceptible to cyber attacks, or is it simply because they are more likely to admit to suffering a data breach?
Large organisations and government departments tend to ‘own up’ after having been compromised. A case in point from the last couple of weeks is Emory State University, USA. Shortly after learning they had suffered a data breach, the university took measures to ensure both faculty and students were protected by making an announcement to those concerned.
Our perception of cyber security issues and that large organisations and government departments are more susceptible is wrong. More often than not, large organisations are better prepared and more resilient than smaller organisations. They have more resources at their disposal and are often regulated more stringently to handle situations such as a data breach.
But what can SMEs do to ensure they are prepared, should a cyber attack occur? The simple answer is to take a balanced approach to cyber security that combines people, processes and technology. A balanced approach to cyber security is offered in PAS 555:2013. This offers an outline of what effective cyber security looks like, rather than focusing on how to achieve it. This means you can focus on using your own internal best practices and ways of working to achieve effective cyber security.
By reading these documents and getting started with cyber security, you can really make a difference!