Change language
Change country

How to prepare for a data breach

Implement the right security measures to reduce exposure to cyberattacks.
hands working with a computer

If you follow the news, you’ve probably noticed that cyberattacks are on the increase. In recent years, we’ve seen an alarming number of companies fall victim to cybercriminals, including large multinationals that you would usually expect to be protected by impenetrable security.

However, hackers are growing increasingly sophisticated and brazen, and well-known companies are not the only ones at risk – they are merely the biggest headline grabbers. Many small-to-medium-sized businesses underestimate the risks. They are reluctant to invest in security because they assume nobody would target them, but this attitude plays right into the hands of the hackers.

To help you understand the shocking scale of the problem, European privacy authorities have received almost 90,000 data breach notifications since the GDPR went into full effect in May 2018. A survey carried out by the British government discovered that in the UK alone around a third (32%) of businesses and two in ten charities (22%) experienced cyber security breaches or attacks in 2018. The statistics leave no room for doubt: the likelihood of your business suffering a data breach is so high that you shouldn’t be planning for if it happens, but rather for when.

With experts forecasting that the cost of cybercrime will surpass €5 trillion by 2021, now is the time to prepare for the inevitable. Implement the right security measures early on in order to reduce exposure, minimise damage, and focus on running your business. 

Prevent data breaches the easy way 

The best way to protect your business against data breaches is by bulking up your defences to make it harder for unauthorised individuals to gain access to your systems. There are a number of steps you can take to lower the risk of cyberattacks, including increased security spending and education. 

 

1. Basic security measures

External data breaches usually occur when criminals gain access to a device that’s connected to your network, for example an employee’s laptop or smartphone. According to a 2018 study on cybersecurity threats by PT Security, malware is the most commonly used tactic, accounting for 49% of instances, while social engineering (25%), and hacking (21%) were listed among other frequently used methods.

Fortunately, the solution is simple. Installing anti-virus and anti-phishing software on all endpoint devices would create a first line of defence against these types of attacks. In addition, any hardware or software that is exposed to your network should be updated regularly so that organisations can stay one-step ahead of the hackers. Solutions like KYOCERA Device Manager provide a user-friendly way to update security software across your entire printer fleet.

While external attacks definitely represent a serious problem, perhaps more alarming are those carried out by internal employees with malicious intent. Crowd Research Partners’ 2018 Insider Threat Report estimates that these account for roughly 36% of attacks. It can be difficult to achieve the right balance, giving your employees enough access to sensitive data to fulfil their tasks, but with enough restrictions to prevent them from stealing it.

In this situation, content management software could resolve the issue by giving you complete control over who accesses all the apps and data in your organisation. By keeping track of who views, copies, or modifies company files, you can spot unusual activity before it becomes anything more serious. Even without dedicated software, you should periodically review who is authorised to access which systems, devices, and networks. Also, don’t forget to cancel access rights for employees that leave the company, and reset passwords frequently to keep sensitive information safe.

 

 2.   Educating the workforce

Here it’s worth pointing out that not all internal data breaches are intentional. In recent years, there’s been a spike inaccidental data leaks. Too often, businesses underestimate the risks of employees inadvertently sharing sensitive information, but the 2018 Insider Threat Report estimates that 30% of security events can be attributed to careless or uninformed employees. This represents a huge threat that you can’t afford to ignore.

It’s essential to increase security awareness in the workspace. Many employees prefer to transfer sensitive data using their personal email or unsecured cloud drives because it’s more convenient and they don’t understand the potential dangers. Simple mistakes like these are due to ignorance, but they could have serious consequences for your company’s reputation and balance sheet.

People represent the weak link when it comes to data security, but education could reduce the risk. Employees need to be shown how to detect suspicious links, attachments, and applications; we would also recommend organising a few training sessions to teach them how to spot and report phishing attempts. Ultimately, you want everybody working together to beat the cybercriminals.

Security awareness campaigns are a useful way to spread the word about the importance of choosing the right passwords. Enforcing strong passwords should be a policy throughout your organisation. Your employees should not be using the same password for every device, each one should be unique, difficult to guess, and contain special characters. For an added level of security, you could even introduce multifactor authentication (MFA) using captchas or biometric data like fingerprints.

 

What does all this mean for your business?

Unfortunately, according to the statistics there’s a good chance that your business will experience a data breach at some point. It’s unwise to assume that only household names will be targeted, and one thing you should never do with criminals is underestimate them. Take the necessary steps early on to reduce the likelihood of becoming a victim and be as prepared as possible for when you are attacked. This involves implementing the right security measures like anti-virus software and access controls, while also educating your workforce about the risks of accidentally revealing sensitive information.

printer icon

Minimise security risks with KYOCERA Device Manager

KYOCERA Device Manager is a server-based software solution that enables users to manage thousands of devices from a single, centralised location. This makes it possible to update firmware and certificates across entire fleets at the click of a button, strengthening your first line of defence.

Talk to us, we're human

Our support team is here to help you with any queries about Kyocera products and services.

Les cookies et votre vie privée

Nous utilisons des cookies essentiels pour assurer le bon fonctionnement de notre site web, des cookies statistiques pour mieux comprendre comment notre site web est utilisé et des cookies marketing pour adapter nos publicités à vos besoins. En sélectionnant "Tous les cookies" vous consentez à ce que ces cookies soient placés sur votre appareil. Vous pouvez sélectionner vos préférences en matière de cookies à l'aide du bouton "Paramètres" ou sélectionner «Cookies essentiels» pour rejeter tous les cookies et ne garder que les essentiels. En fonction des préférences de cookies que vous choisissez, il se peut que la fonctionnalité complète ou l'expérience utilisateur personnalisée de ce site web ne soit pas disponible.

Préférences Cookies

Champ obligatoire

Nous utilisons des cookies pour nous assurer du bon fonctionnement de notre site Web ou, à l'occasion, pour fournir un service à votre demande (comme la gestion de vos préférences en matière de cookies). Ces cookies sont toujours actifs, sauf si vous configurez votre navigateur pour les bloquer, ce qui peut empêcher certaines parties du site Web de fonctionner comme prévu.

Champ obligatoire

Ces cookies nous permettent de mesurer et d'améliorer les performances de notre site Web.

Champ obligatoire

Ces cookies ne sont placés que si vous donnez votre consentement. Nous utilisons des cookies marketing pour suivre la façon dont vous cliquez et visitez nos sites Web afin de vous montrer le contenu en fonction de vos intérêts et de vous montrer une publicité personnalisée. Actuellement, vous n'acceptez pas ces cookies. Veuillez cocher cette case si vous le souhaitez.