6 measures you can perform to protect your business from cyber incidents

27% of Norwegian organizations experienced undesirable security incidents in 2016. 4 out of 10 cyber incidents led to a loss in production, but most of the participants were unable to give accurate numbers regarding the costs of the...

Published January 18, 2019

1 minute read

27% of Norwegian organizations experienced undesirable security incidents in 2016. 4 out of 10 cyber incidents led to a loss in production, but most of the participants were unable to give accurate numbers regarding the costs of the attacks.

It is a general assumption that a large number of incidents never are recorded at all. The Verizon Data Breach Investigation Report for 2016 shows that only about 25 % of security breaches are discovered within days. The Mandiant M-Trends report from 2015 however shows that the average time from an information security breach happens until it is discovered in average is 146 days.

It is a general misconception that all cyber security breaches are criminal acts. Many cyber-attacks actually come from youth experimenting with how far they can push the line or from massive non-specific attacks. Some hacks are accidental and quite a few security incidents are pure mishaps, accidental breaches or lack of competence.

Even if you have a small business or you consider your information assets of little value to outsiders, your assets have value to you and your day to day operation. How long can you operate without access to your files and archives, online services, a PayPal solution or even the information you provide on your webpage?

To ensure your continued day to day operation, take the following measures to protect your business from cyber incidents:

  1. Train your employees in cyber security and awareness regularly
  2. Establish policies and routines for access and information security and require compliance
  3. Keep your software and hardware updated
  4. Keep updated on new cyber threats
  5. Implement barriers such as two-factor authentication, firewalls and back-up
  6. Plan ahead and ensure your ability to handle incidents if they occur.

Sources

Næringslivets sikkerhetsråd (The Norwegian Business and Industry Security Council): Mørketallundersøkelsen 2016

Stanford Law School Conferences: The Verizon Data Breach Investigation Report for 2016

 


Author Harald Axelsen

Harald has over 20 years experience in sales, marketing and consultancy in emergency preparedness and crisis management. Background from companies such as Safetec, One Voice, UMS and Nordea.

Our related posts

| occupational safety
COP27 – Three Key Takeaways for Business

Commentators have offered mixed reactions now that the dust has settled on COP27. Where the Loss and Damage (L&D)...

| occupational safety
How to Write an Incident Report

“If you can’t measure it, you can’t improve it.” (Peter Drucker). That’s the adage that lies behind the policy of...

| occupational safety
Video Clips: How to achieve safety excellence in your organisation?

Truly embodying health and safety excellence is a difficult task, no matter your industry, company size or experience....