Brexit has created an enormous amount of uncertainty in the business sector, and across society in general. However, there is one variable that businesses, and individuals, can be certain about and that is the evolving threat of cyber criminals.
Since the United Kingdom (UK) voted to leave the European Union (EU) in 2016, businesses have faced numerous challenges when it comes to decision-making and planning, especially in terms of investment.
Whether the UK leaves the EU with or without a deal, most businesses have been investing heavily in contingency planning for a ‘No Deal Brexit’, including:
- Delaying investments;
- Reviewing prices to account for tariffs;
- Investing in stockpiling;
- And much, much more.
Stockpiling is becoming increasingly popular as a result of Brexit, for companies on both sides of the English Channel. The German firm ‘WEPA’ is currently stockpiling 3.5 million toilet rolls in the UK to avoid any customs delays. One of the implications of a ‘no deal’ is that shipping products into the UK would become very difficult due to customs checks and changes to border rules.
However, uncertainty arising from Brexit has already produced a tangible impact on UK business.
With the result of UK and EU negotiations firmly out of the hands of businesses, much of this short-term contingency planning has no growth value, meaning businesses are effectively ‘on-hold’ until the economic landscape becomes clearer and more certain.
However, there are some certainties businesses can focus on during these difficult times; Death and taxes are not the only certainties in life, as the old adage goes.
Whether the UK leaves the EU with a deal or not, cyber criminals will seek to steal data from your business regardless. And with the resources of a business stretched by contingency planning, cyber criminals are expected to take full advantage.
Investment in cyber security must be a business continuity priority – your response is one of the few certainties that your business can count on.
Cyber Security is such a threat to UK businesses and individuals, the Government has invested in a TV campaign to put cyber security at the heart of everyone’s consciousness.
Brexit and the bigger picture
Brexit has dominated the political agenda for the past five years. This has left important domestic issues somewhat sidelined from the mainstream discourse as a result.
Similarly, it’s easy for some businesses to allow cyber security to slip down the agenda, replaced by potentially critical business issues that may need to take priority.
However, there is a bigger picture.
Cyber security is a critical issue and a key contributor to growth, but it is a bigger picture than just keeping your data locked up.
Cyber security is multi-faceted and affects every element of your business, including your bottom line, which is why it needs a multi-layered, strategic approach. It’s not just a firewall and email screening anymore. To stay safe and remain in business you need to address the whole cyber security picture; prevention, barrier, resolution.
People are your business
One area affected by the Brexit uncertainty is the unsettling effect it is having on your employees.
Anxiety over job security, house prices, medical shortages, and goods availability (leading to stockpiling activity) could mean that your staff are less likely to be at full concentration whilst at work.
A distracted or worried member of staff could be even more likely to open a rogue link in a phishing email or download a stray attachment, opening the door to a malware payload.
It has been proven that end users can be the weakest link in any business’s cyber security defenses, and this is a key area that cyber criminals are looking to exploit. The psychological nature of phishing emails is a prime example of this.
Enterprise-grade antivirus and email security solutions can help mitigate this risk by blocking the most common cyber criminal attacks from all of your end points. Updated regularly, these software solutions can help to keep your users, and your business, safe from potential threats.
But this is just one aspect of cyber security.
Ongoing IT awareness training should also be invested in to keep cyber security prevention front of mind. Investing in IT staff training means that your business is saving money long-term.
But, like all safeguarding measures, they require more than financial investment. Time, effort, and leadership commitments are also required to achieve a true ROI.
Securing your network post-Brexit
Brexit brings enormous uncertainty when it comes to data transfer. Regardless of the Brexit outcome, if your data is stored outside the UK, you will need to check all your sales contracts to ensure you are still compliant with their data terms and conditions.
If you run any part of your IT systems through the cloud, you will need to check where those data centers are housed and that you are not contravening any data compliance agreements your business is adhering to. Additionally, it is important that you have the most robust network security solutions in place to ensure the data that is housed in the cloud is not vulnerable.
Equally, if you are running your IT systems and data on an SBS 2008 server, you are probably aware that Microsoft is withdrawing software support at the beginning of 2020. Whilst not a direct issue, it is indicative that the software and hardware are no longer fit for purpose and will require significant investment to bring your network security up to standard.
This reduced level of investment in cyber security is happening due to the uncertainty Brexit is creating – businesses, especially SMEs, are holding onto their cash reserves, just in case they need it in the coming months, and it’s leaving them vulnerable.
An old, overloaded, or unsupported server could lead to ransomware attacks, malware payloads, or hardware failure, all of which could spell disaster for your IT systems, and ultimately, your business.
Business continuity: the essential component
Can we justifiably refer to Brexit as a disaster? I’ll leave you to draw your own conclusion to that questions. However, what we can say for certain is that it is leaving businesses vulnerable to disasters and if you don’t have the right backup systems in place, the future of your business is at risk.
The ability to keep your business up and running throughout a crisis is what gives you an advantage over your competitors who cannot. If you were hit by a cyber attack, could your business still be able to run as normal?
Would you able to communicate with customers and suppliers via email? Could you access your data and systems? And could you fulfil orders and bill customers?
If not, imagine the impact on your business in these economically uncertain times – disaster!
Most businesses are familiar with the concept of backing up data and having a copy of it. What they aren’t aware of is the fragility and vulnerability of this basic method of backup.
Having a multi-layered backup solution, often referred to as Business Continuity and Disaster Recovery (BCDR), allows your business to keep trading following a cyber attack, natural disaster, hardware failure, or theft. Whatever the disaster, these types of backup solutions will protect your business, but they do require investment.
Being prepared for a cyber attack is extremely important – it is no longer a case of if, but when you are attacked.
Brexit, the dark web, and certainty
We have already discussed stockpiling in relation to mitigate some of the uncertainty. The same concept applies to cyber security – what if you knew your business data had been stolen BEFORE it gets into the hands of a really dangerous criminal?
This is exactly what dark web monitoring allows you to do. The way most cyber criminals operate is to establish a vulnerability, access your business credentials, scrape them and sell them on the dark web to a criminal who wants to wreak havoc on an easy target – your business.
If someone else had access to your IT systems, they would be able to take ownership of your information. This would provide them with an open door to your entire business’ data and systems, meaning your business could become a host to ransomware or malware that can hold your entire system and data hostage.
Dark web monitoring allows you to search and monitor the dark web for any credentials that might have already been compromised, through a system weakness, a careless member of staff, or even a chance encounter with a public WiFi network.
If you come across any leaked data, you can immediately change passwords and implement stronger login procedures such as multi-factor authentication. Thus, securing your business and rendering the credentials for sale on the dark web worthless.
Neuways Cyber Security Breakfast event
Brexit is creating unprecedented levels of uncertainty, not just commercially with the economy, but personally with society on the brink of civil unrest fueled by frustration and fear of the unknown.
In these uncertain times, it is essential to have control over the things that are going to ringfence and safeguard you and your cyber security.
Having a cyber security strategy that creates strong and stable IT systems will give you peace of mind and confidence that your business is going to survive whatever the future holds, because its data, systems, and processes are secure.
Neuways is here to help you with your cyber security. On 14th May 2019 we are hosting a Cyber Security Breakfast event to highlight some of key strategies you can implement in your business to keep it safe for the future.