Businesses must respond to "modern threats" from cybercrime
THE challenge of protecting businesses from cybercrime came under the spotlight at the Yorkshire Business Market.
The major event in Harrogate, which attracted companies from across the region, heard from Microsoft’s Daniel Langton who works with small and medium businesses to help them respond to changes and threats that IT creates.
In his nine yeras at the technology giant, he has seen the industry change, from delivering new software releases every 3-4 years, to a constant state of upgrade.
Microsoft also announced last year that they will be building UK data centres, allowing them to bid for cloud computing tenders for sensitive and restricted data.
Mr Langton said that some of the biggest questions Microsoft asked were: How do we anticipate changes? What should we be investing in?”
He said at the event yesterday: “We have to manage changes in technology or they can become threats to business.
“When Windows XP came out, there wasn’t Facebook, and not the level of cyberhacking we have now. These are modern threats.”
The financial cost of losing customer data, losing customer trust and broken systems are some of many byproducts of poor cyber security, he said, which would impact on the business in question.
Mr Langton said that the Ashley Madison, Sony and TalkTalk hacks, amongst others, were evidence that even the biggest companies can get hit.
TalkTalk’s hack cost the firm £100m and affected 157,000 customers. Mr Langton said the moral of that story was: “Don’t collect data if you don’t need it. At TalkTalk they asked themselves why they had that data in the first place.
“We have to ask where, how why are we collecting and storing data.”
According to Microsoft, 90% of large organisations suffered security breaches in 2015, and 75% suffered staff-related breaches.
In response, Microsoft set up a digital crime centre, investigating trends and how to mitigate against them, as well as working with law enforcement.
“The biggest threat to businesses is not competition, but the loss of customers’ trust. Trust and security is paramount,” Mr Langton said.
Companies have email addresses, names, financial information, supplier transactions of their customers, colleagues and partner firms. Mr Langton said it was important that staff members had the right level of access to company data .
“But SMEs don’t always work like that,” he said. “Everyone has access to everything.”
An updated data policy was a must-have, according to Microsoft, especially with mechanisms like the cloud, meaning that there is continuous access to data, that is not tethered to a specific device.
Mr Langton said that cybercrime extended from phishing emails which can go out to as many as 15m people, from more targeted, niche attacks.
He cited the email correspondence at an unnamed marketing agency. It appeared that the CEO had asked the CFO to complete a transaction using a very similar email address. Hackers had researched the company and its processes and people using LinkedIn to determine the right people to target.
Mr Langton was one of the speakers at the Yorkshire Business Market, held at the Pavilions of Harrogate which brought together businesses from across North Yorkshire and beyond. The event also featured speakers from CNG, The Digital Garage from Google and the FSB.
