When considering what security threats might affect our business, most of us probably think about digital security. Is the website secure? Are my servers protected? These certainly play an important part in our defence against security threats, but they’re not the only factors to consider. Business downtime can represent a serious lack of income, so being prepared, or at least covered, if anything happens, could make all the difference.
What security threats might affect your business?
Security Service MI5 have listed the current threat from international terrorism as severe, the second highest level. Though you might think your business is highly unlikely to be affected, you could be surprised. A major incident could cause damage to premises, prevent staff getting to work, leave them with a foreign travel nightmare, or disrupt supply chains, all of which would make a dent in productivity and, therefore, profitability.
As well as the obvious connotations of James Bond-type figures protecting the security interests of the nation, corporate espionage can cost UK businesses a horrifying amount of money.
It can take many forms; a competitor posing as an employee to explore confidential files, a data system hack, or even staff members selling your valuable research and development notes.
Beyond the threat to the balance sheets, imagine the potential damage caused by even the lowest-volume military equipment supplier or nuclear processing contractor being infiltrated in this way.
There are enough varieties of how a cyber-criminal could cause problems that going into them all in detail would warrant an article of their own.
To give you an idea of the basics; malware which affects operation of software; ransomware which prevents systems from working until a ‘ransom’ is paid; spyware which can capture important details such as bank account access information or updates about research projects; ecommerce hacks where nobody realises anything is amiss until the customers, whose payment went straight to the criminals, call you up chasing an order you never received…
What steps to take to minimise the effect of security threats on your business
The best way to protect your business now and in the future, is to do everything you can to avoid any sort of security breach happening. Though obvious, this doesn’t mean that it’s easy.
Do a risk assessment
Identify weak areas in the business. Corporate espionage might seem unlikely if you’re running a high street café, but if the family cake recipe is what’s bringing in a large chunk of your business, it makes sense to keep it safe!
Depending on the industry, there are likely to be restrictions on the sort of candidate screening you can do (or are allowed to do) to fill a job role. That said, a bit of basic research might come in handy, even if just to make sure they’re the sort of person you want to spend a working day with.
Understand what the legal requirements are (even if not legally required to do so)
Some businesses have a legal requirement to restrict and monitor access to certain materials, such as chemicals or explosives. PREVENT have some useful resources on this.
Have a recovery plan
Make sure you have a contingency plan (or plans) if things go bad. This could be a call to your developer to rescue a stricken ecommerce site, steps to secure important data if a building needs to be evacuated, or finding new suppliers so you can still process orders.
A few units of lost or damaged stock can be a nuisance, an entire warehouse (that you own) of stock going up in flames in a massive problem. Orders won’t be fulfilled, stock will need to be replaced, you might not be able to trade during all of this, and therefore won’t have any income.
Making sure that you have full cover for any eventuality might sting a bit when you’re watching the monthly payments go out, but it’s more than worth it to protect cash flow and your business interests if you need it.