Over the past 18 months, businesses have been forced to accelerate digitalisation plans to adapt, evolve and overcome the endless challenges posed by the COVID-19 pandemic. However, new ways of working may have left businesses more vulnerable than ever before. Here, Peter Prahl, SVP International and Digital Cloud for IONOS Cloud explains why it’s essential business leaders take a step back to assess current risk, and take measures to keep a company as protected as possible.
COVID-19 has transformed businesses. While many understood the benefits of digitalisation – and had taken steps on their own transformation journey – others that were less sure had no option but to accelerate digitalisation efforts to keep their business afloat and attract essential customers during the pandemic.
Earlier this year, we conducted research of 1,000 SMEs to find out their views and attitudes on the topic, and it confirmed COVID-19’s impact – with 63% of those surveyed saying coronavirus has strongly (34%) or very strongly (29%) impacted their company’s digitalisation efforts.
The research findings were mostly all positive, with nearly one in four (39%) respondents actually saying it had helped them win new customers at an essential time. 64% had heard positive feedback because of the business changes they’d made, and fortunately almost three quarters (74%) felt better prepared for future crises because of the technology they had put in place.
However, while digital transformation has a host of benefits, for example a better customer experience, data-driven insights, greater resource management, and often improved productivity and profits, it can also leave businesses vulnerable if practices aren’t put in place to keep it protected.
We released further research last month that revealed 34% of IT decision makers admitted their organisation is at risk of security threats due to skills gaps. This is likely because when businesses quickly evolve, risks can present themselves that might not have previously been accounted or prepared for. To manage these, experts within the business need to be able to pre-empt vulnerabilities, and essentially mitigate these as soon as they arise.
However, despite the need to prioritise business protection, only one third of respondents surveyed said they had conducted a cyber security risk assessment in the past 12 months. Even more shockingly, 12% of respondents had never conducted one, and 16% who had conducted one more than five years ago had no plans to do another in the future, despite the dramatic change the pandemic had on many businesses.
This lack of understanding regarding the importance of pre-empting and assessing risk is surprising. Over 5,200 data breaches have been confirmed globally in 2021 so far, a sharp increase on the 3,950 reported in 2020, and with businesses at such high risk to hackers and online predators, more must be done to ensure an attack can be withstood.
When asked about the biggest security threats facing their business, respondents said increased DDoS attacks (35%), phishing and scam attacks (35%), employees downloading unapproved apps (33%) and employees not storing data correctly (32%) noted as the biggest IT threats at this time.
With that in mind, action must be taken to address the above vulnerabilities as a priority. Firstly, it’s essential business-wide training is conducted on cyber security best practice, and that all employees understand they have individual responsibility to follow guidance and play their part in keeping the organisation protected. Internal phishing tests – where employees are sent ‘fake’ high risk emails and their response monitored – is also a good technique as it helps highlight staff that require more training.
Conducting a risk assessment frequently – especially when software usages changes or a business significantly grows – is also essential. It gives a clear view of the biggest security threats an organisation could face, and means plans can be put in place to manage an attack should it strike.
Finally – and fundamentally – businesses must work with likeminded external providers like IONOS Cloud. The company is an expert in rising to the challenges of digitalisation, providing high performance with reliability, and can provide peace of mind when it comes to security. IONOS can also provide guidance on cloud storage best-practice, and the measures businesses should take to add another layer of protection – like data encryption, multi factor authentication and dynamic authorisation.
For more information on IONOS Cloud, or to speak to an IONOS expert, visit: https://cloud.ionos.co.uk/