When cybersecurity stories about data leaks and breaches appear in the media, the narrative is almost always the same. Simply replace the company name, number and type of stolen records, and you have a copy and paste article that in recent years has been hitting headlines all too frequently.
From a cybersecurity perspective, what these stories often fail to address is how affected customers should react in the event that a company they have shared their personal information with has announced a breach. Who does it affect - customers who shared their information in recent months, or even years? Precisely what information was stolen, and does it differentiate between those affected? How can this information be used, and how is it possible to tell if someone has been targeted as a result of a particular incident?
In high profile cases, some companies have set up dedicated helplines to assist concerned or affected customers - British Airways and Marriott both responded to serious breaches in this way. However many companies don’t have a budget that allows for such reactive measures and fail to invest in proactive solutions that could help to prevent issues in the first place. Ultimately, with a vast proportion of companies neglecting cybersecurity, either in terms of assigning personnel or spend to help safeguard the issue, the scale of the problem continues to grow.
Large firms are reported to spend as little as 0.2% of their annual revenue on cybersecurity each year, while many SMEs fail to invest altogether and as a result, suffer the consequences. In the last three months alone, DynaRisk has seen over 50 small businesses leaking information that criminals can freely obtain and abuse. The majority of these businesses have under 200 employees but have leaked 2,275,550 customer records on average; the highest of all totaling over 300 million records.
In the coming years, the biggest priority for both businesses and consumers should be understanding the depth and breadth of the dangers they face and ways to overcome them. But the constantly evolving threats and sophisticated hacking techniques being deployed by criminals require extensive monitoring and expertise, making it difficult to keep up.
It is more important than ever for small businesses and consumers to protect themselves using tools and services that fight cybercrime in ways that anti-virus can’t. For SMEs in particular, the benefit of creating a company-wide awareness of cybersecurity means that with the right infrastructure and tools, all bases are covered which greatly minimizes the risk of attack.
By identifying the departments, employees and processes most at risk, precautionary measures can be taken to ensure that the company is protected on a deeper level.
To remedy the growing threats facing consumers and SMEs, DynaRisk created the world’s first Cybersecurity Score - similar to a credit score - which can help individuals to understand exactly how safe they are online. Displayed in a dashboard alongside a personalized action plan, the score - and algorithm behind it - is designed to help improve and manage a person’s online security and minimize their risks of attack.
DynaRisk has also compiled a database containing over 14 billion stolen records, to which over 150 million records are added each month. If a user is discovered in an existing or newly added breach, they are notified along with advice on what to do next.
Over 60% of small businesses collapse within six months of a cyber-attack, therefore it’s increasingly important to invest in cybersecurity while consistently educating staff and customers. Hackers can break into email accounts to commit fraud, takeover social media accounts, post vulgar comments to damage reputations and much more. If information is breached or leaked it’s important to act quickly to minimize damage; however preventing data loss should always be the priority.
Aside from investing in the right cybersecurity management tools, SMEs should look to implement in-house measures to protect both staff and customers. Two-factor authentication, password managers and employee training sessions are just some of the ways to improve overall safety practices and cyber hygiene, even on a small budget.
This is part of a blog series provided by CyLon, who find, grow and invest in the world’s best emerging cyber businesses, via its tailored acceleration programs in London and Singapore. Since 2015 CyLon has supported more than 80 companies and has a portfolio of international companies valued at more than £400m. For more information, visit cylonlab.com.