Change language
Change country

How to prepare for a data breach

Implement the right security measures to reduce exposure to cyberattacks.
hands working with a computer

If you follow the news, you’ve probably noticed that cyberattacks are on the increase. In recent years, we’ve seen an alarming number of companies fall victim to cybercriminals, including large multinationals that you would usually expect to be protected by impenetrable security.

However, hackers are growing increasingly sophisticated and brazen, and well-known companies are not the only ones at risk – they are merely the biggest headline grabbers. Many small-to-medium-sized businesses underestimate the risks. They are reluctant to invest in security because they assume nobody would target them, but this attitude plays right into the hands of the hackers.

To help you understand the shocking scale of the problem, European privacy authorities have received almost 90,000 data breach notifications since the GDPR went into full effect in May 2018. A survey carried out by the British government discovered that in the UK alone around a third (32%) of businesses and two in ten charities (22%) experienced cyber security breaches or attacks in 2018. The statistics leave no room for doubt: the likelihood of your business suffering a data breach is so high that you shouldn’t be planning for if it happens, but rather for when.

With experts forecasting that the cost of cybercrime will surpass €5 trillion by 2021, now is the time to prepare for the inevitable. Implement the right security measures early on in order to reduce exposure, minimise damage, and focus on running your business. 

Prevent data breaches the easy way 

The best way to protect your business against data breaches is by bulking up your defences to make it harder for unauthorised individuals to gain access to your systems. There are a number of steps you can take to lower the risk of cyberattacks, including increased security spending and education. 

 

1. Basic security measures

External data breaches usually occur when criminals gain access to a device that’s connected to your network, for example an employee’s laptop or smartphone. According to a 2018 study on cybersecurity threats by PT Security, malware is the most commonly used tactic, accounting for 49% of instances, while social engineering (25%), and hacking (21%) were listed among other frequently used methods.

Fortunately, the solution is simple. Installing anti-virus and anti-phishing software on all endpoint devices would create a first line of defence against these types of attacks. In addition, any hardware or software that is exposed to your network should be updated regularly so that organisations can stay one-step ahead of the hackers. Solutions like KYOCERA Device Manager provide a user-friendly way to update security software across your entire printer fleet.

While external attacks definitely represent a serious problem, perhaps more alarming are those carried out by internal employees with malicious intent. Crowd Research Partners’ 2018 Insider Threat Report estimates that these account for roughly 36% of attacks. It can be difficult to achieve the right balance, giving your employees enough access to sensitive data to fulfil their tasks, but with enough restrictions to prevent them from stealing it.

In this situation, content management software could resolve the issue by giving you complete control over who accesses all the apps and data in your organisation. By keeping track of who views, copies, or modifies company files, you can spot unusual activity before it becomes anything more serious. Even without dedicated software, you should periodically review who is authorised to access which systems, devices, and networks. Also, don’t forget to cancel access rights for employees that leave the company, and reset passwords frequently to keep sensitive information safe.

 

 2.   Educating the workforce

Here it’s worth pointing out that not all internal data breaches are intentional. In recent years, there’s been a spike inaccidental data leaks. Too often, businesses underestimate the risks of employees inadvertently sharing sensitive information, but the 2018 Insider Threat Report estimates that 30% of security events can be attributed to careless or uninformed employees. This represents a huge threat that you can’t afford to ignore.

It’s essential to increase security awareness in the workspace. Many employees prefer to transfer sensitive data using their personal email or unsecured cloud drives because it’s more convenient and they don’t understand the potential dangers. Simple mistakes like these are due to ignorance, but they could have serious consequences for your company’s reputation and balance sheet.

People represent the weak link when it comes to data security, but education could reduce the risk. Employees need to be shown how to detect suspicious links, attachments, and applications; we would also recommend organising a few training sessions to teach them how to spot and report phishing attempts. Ultimately, you want everybody working together to beat the cybercriminals.

Security awareness campaigns are a useful way to spread the word about the importance of choosing the right passwords. Enforcing strong passwords should be a policy throughout your organisation. Your employees should not be using the same password for every device, each one should be unique, difficult to guess, and contain special characters. For an added level of security, you could even introduce multifactor authentication (MFA) using captchas or biometric data like fingerprints.

 

What does all this mean for your business?

Unfortunately, according to the statistics there’s a good chance that your business will experience a data breach at some point. It’s unwise to assume that only household names will be targeted, and one thing you should never do with criminals is underestimate them. Take the necessary steps early on to reduce the likelihood of becoming a victim and be as prepared as possible for when you are attacked. This involves implementing the right security measures like anti-virus software and access controls, while also educating your workforce about the risks of accidentally revealing sensitive information.

printer icon

Minimise security risks with KYOCERA Device Manager

KYOCERA Device Manager is a server-based software solution that enables users to manage thousands of devices from a single, centralised location. This makes it possible to update firmware and certificates across entire fleets at the click of a button, strengthening your first line of defence.

Talk to us, we're human

Our support team is here to help you with any queries about Kyocera products and services.

Cookies og dit privatliv

Vi bruger essentielle cookies for at gøre interaktioner med vores website lette og effektive, statistiske cookies for at vi bedre kan forstå hvordan vores website bruges og marketing cookies til at skræddersy reklamer til dig. Du kan styre dine cookie-præferencer ved at bruge 'Præference' knappen nedenfor, eller vælge 'jeg accepterer' for at fortsætte med alle cookies.

Cooke præferencer

Vi bruger cookies for at sikre os, at vores website fungerer som det skal, eller indimellem for at yde en service til dig hvis du beder om det (som f.eks. at administrere dine cookie præferencer). Disse cookies er altid aktive, medmindre du sætter din browser til at blokere dem, hvilket muligvis forhindrer websitet i at fungere som forventet.

Disse cookies giver os mulighed for at måle og forbedre ydelsen på vores website.

Disse cookies placeres kun i tilfælde af at du giver dit samtykke. Vi bruger Marketing Cookies til at følge, hvordan du klikke på og besøger vores websites, så vi kan vise dig indhold baseret på dine interesser og for at vise dig personlig reklame. I øjeblikket accepterer du ikke disse cookies. Markér check boxen, hvis du gerne vil.