In August 2016, Bitcoin announced a serious data breach that wiped millions off its share value. According to Data Breach Today, the theft of $69 million worth of bitcoins from a Hong Kong-based exchange highlights the continuing challenges around keeping large quantities of digital currency out of the reach of hackers.
We’ve been reporting data breaches like this on a regular basis and the message seems to be spurring business owners into action. This year more organisations than ever have achieved certification to the internationally recognised Information Security Management Standard, ISO 27001.
But according to a survey carried out by Lieberman, some businesses still aren’t taking the threat seriously enough. Their findings show:
- 68% of those surveyed believed that they have more access to sensitive information than colleagues;
- 39% of IT staff can get unauthorised access to their organisation’s most sensitive information;
- If laid off tomorrow, 11% would be in a position to take sensitive information with them.
Unfortunately, smaller companies can’t assume it’s just big companies and household names that are at risk. Research shows SMEs are just as vulnerable. A government survey showed 22% of small businesses have suffered staff-related security breaches. The cost of breaches continues to rise too.
ISO 27001 will help reduce risks
Many of our clients are finding that customers, in particular, are now asking questions such as:
- How safe is my information?
- Who has access to it?
- Is it backed up?
- What would the consequences be of it getting into the wrong hands?
As each new security breach is reported, the number of questions from customers increases! If you haven’t been asked yet, it won’t be long!
It really is time for businesses to think about how best to protect themselves, their reputation, and their clients.
It’s certainly a case of “prevention is better than the cure.” Putting controls in place does cost money, but it’s significantly cheaper than having to deal with the consequences of a breach and the resulting loss of business.
More and more organisations want a best practice approach to dealing with these common risks. ISO 27001 for Information Security Management is the benchmark standard, with global recognition.
ISO 27001 is a set of requirements defining how to assess and manage risk, who should have access rights, and the processes and procedures needed to maintain the required levels of security.
In the past it was a standard for the IT department; now it’s filtering down the supply chain as public and private sector organisations guard against risks to their reputations when considering unproven suppliers.