Keeping you up to date with plain language explanations of your obligations and liabilities under data protection law, electronic law and privacy law. With a touch of cybersecurity and trends like blockchain and quantum computing.
While everyone seems to be talking about cyber security measures and mechanisms, just how much risk is at play? While it may hit the headlines on a regular basis, complacency around cyber security seems just as popular. But it's not just the IT Department's problem: cyber risk exists at every level of your organisation. Don't panic just yet though - there are robust and reliable ways to navigate and secure your company's data and assets.
As our world becomes more and more dependent on digital communications and our online personas, understanding cyber risk is important. But, the higher priority must, of course, be: what to do about it. By definition, cyber risk means the risk your business takes in terms of potential financial loss, brand damage, operational disruption, or data loss.
Your company's level of cyber risk is linked to three important levels of access. These can be summarised by answering three questions, which will help you to isolate what cyber risk level your company operates at. These questions are:
It's not just you
But, you can have the best network infrastructure, that offers top level security even the CIA would be proud of...and your business would still be at high risk. Implementing robust cyber security measures doesn't end with your operations; it must be reflected in the systems and businesses your company relies upon too. We'll use the example of a well-known low-level online design programme, Canva, here. Canva is a popular platform for creating beautiful images to be used for social media, online media, and even print.
The Canva example
In 2019, Canva was hacked, with usernames and passwords exposed. This meant that anyone who had that data could log in to a particular user's account, use their images, or access payment information. While the majority of Canva's users are casual, many of the remainder are involved in creating images for clients that include or refer to a company's intellectual property. Moreover, users' payment information could be accessed. If a Canva user was involved in creating imagery for a top-secret campaign for a business, that was embargoed until a certain date, all that information and imagery could now be accessed and used by anyone who had the user details. As a result, confidential information, stored on an external service provider's platform, put a business at risk - and it wasn't even their platform to begin with, never mind their hack.
Assessing and acting upon your company's level of cyber risk is the most important part of your cyber security programme. That overwhelmed feeling should not lead you towards complacency. Instead, use it as a motivator to assess your company's level of cyber risk, and act on it. ProPrivacy can help.