What do beer orders in Japan, manufacturing cars in England, and accounting software in the US have in common? They all recently came to a grinding halt due to sophisticated cyber-attacks.
Asahi, who was unable to process orders for bars and restaurants across Japan, resorted to sending their workforce out to take orders via paper. Imagine if your business had to process everything via paper. I’m not sure there are many businesses that can remember a time when everything was processed via paper…
Modern businesses depend on global internet services, so it’s no longer enough to lock your doors to deter local burglars. You now need to defend your business against a world full of cybercriminals. Jordan Gall – Cyber Professional
Learnings for one. Learnings for all.
Whilst Asahi, Jaguar, and Xero are global giants, the lessons learned from their recent outages are highly relevant for small and medium businesses, and especially for those of you that deal with client data, where the stakes are higher:
- It’s ultimately not possible to prevent every outage or incident, so planning for them and running simulated attacks will put you in the best position to minimise their impact.
- Securing your critical systems and training your team on the most common cyber threats must be prioritised. Downtime almost always equals lost revenue.
- Provide your team with alternative solutions where necessary to provide continuity for offline systems, even if this is in a reduced capacity while the main system is restored.
You don’t need to double-up on your tech infrastructure, but with appropriate security and a review of critical systems, you can keep operating when most businesses would fall over.
Don’t forget your users
Most successful cyber hacks are caused in some degree by human error, and the recent incidents are no different. This highlights that no organisation is immune to cyber threats.
Most breaches occur due to user error, clicking on malicious links, not paying attention to obvious spam, or neglecting security protocols. This underscores the importance of robust cybersecurity measures that can prevent mistakes from being made, but also the importance of ongoing education amongst your teams.
What can you do today?
Whilst hiring a dedicated team of cyber professionals on six figure salaries is ideal, we appreciate this may be overkill for most businesses. For those of you without unlimited budgets, we recommend –
- Assign someone in your management team to be responsible for Business Continuity and cybersecurity. They don’t need to be an expert, or even particularly knowledgeable, but putting it on the list of management actions can be very effective to drive appropriate actions and bring the conversation to the table.
- Invest in tools that protect core systems, with a particular focus on user mailboxes and devices.
- Conduct a review with your team on critical systems. Awareness will go a long way to helping you navigate if you have any issues.
If you’re already on your cyber journey, you may also want to consider reviewing and updating your IT policies and staff training programs and potentially conducting an audit of your cybersecurity tools to make sure they’re up to date and fit for purpose.
We hope this acts as a friendly reminder. Please feel free to forward it to anyone you know that runs a business.
As always, if you have any questions or I can help with anything, please feel free to reach out.