Research shows the most likely victims of attack however do not be fooled into thinking you’re immune.
As a cyber-security specialist I was recently asked to speak at the UK200Group Annual Conference in Southampton, the UK’s leading association of independent chartered accountants and law firms, representing more than 150,000 UK SMEs.
I am acutely aware that the financial, legal and public sectors currently attract the most cyber-criminal attention, and for very good reason. However, it would be foolish to believe that those operating in any other vertical are any less susceptible to data breaches. On the contrary, without adopting a pragmatic approach to cyber security it really is a case of when you are compromised, not if.
The most significant threats today include:
- malware that encrypts and threatens to destroy, permanently remove access to, or publicly post data unless a victim makes payment, often increasing as time elapses.
Phishing and Whaling (AKA CEO Fraud)
- A malicious attempt to acquire sensitive information by masquerading as a trustworthy source via email, text, pop-up message, or to coerce an employee into making a money transfer.
Exploitation of software vulnerabilities
- Flaws, glitches, or weaknesses discovered in software.
And, of course. the insider threat,
whether malicious or accidental, which according to research may account for more than 50% of all reported data breaches.