Security Starts at the Top

Did you know that as the managing director or CEO of your company, you are liable for possible data gaps at your company? But this is not the only reason why the subject of data security is becoming increasingly important.

According to a 2017 study by the consulting company Deloitte, cyber attacks are already a part of everyday life for German companies: 83 percent of the surveyed companies with more than 1,000 employees register cyber attacks on their IT systems several times a month. But smaller companies too are increasingly having to protect their data against loss and theft. 

Why data protection is becoming increasingly important.

Downtime, production stoppages, competitive disadvantages, financial losses, a damaged reputation: these are just some of the possible consequences of data loss or theft. It goes without saying that for many companies the subject of data security and data standards is, therefore, one of the biggest hurdles on the way to digitization. There is greater scope for cyber attacks due to new interfaces for the networking of machines and assets, as well as the uncontrolled use of cloud services and private terminals in everyday office life. However, refusing to digitize your company is not the way forward. To overcome these obstacles, what you really need to do is rethink the use of such services and above all, to redefine possible sources of dangers.

Because: it is often wrongly assumed that such sources of danger come from outside the company. Internal security gaps in particular often drift out of focus as a result.

Humans as a security factor.

Cybercriminals do not distinguish between global corporations and small and medium-sized businesses. And the focus of these attacks is increasingly on the human factor. The results of recent studies show that managers at German companies also see that the biggest source of danger neither comes from the outside nor is due to technical causes: it is the careless handling of data by employees. Attackers exploit their carelessness, curiosity or naivety and access their data by using viruses, trojans and other malware. 

An important step towards data protection is understanding that awareness of the problem should be raised among employees at the beginning of the solution process. This provides the foundations for addressing limited knowledge in the area of data protection through targeted training.

Security at all levels.

First and foremost: security starts at the top which is why senior management needs to lead by example.

A cyber defense strategy must be internalized and supported at all levels. Therefore, do not simply regard cybersecurity as a purely technical or IT matter, but as the sum of all employee activity within the company of which you are head.  

5 steps to protect your company.

Once the potential security risks have been identified, they can be minimized by taking appropriate measures. The following points are particularly important when it comes to developing your security strategy with your IT team:

  • Raising awareness and building competence: Raise staff awareness in handling data, and offer them (online) training courses in this area.
  • Security status and back-ups: Get your employees to regularly check the security status of their devices and create back-ups. 
  • Updates: Make sure that security software is constantly updated – also on mobile devices.
  • Clear standards and permissions: Define clear access rights and permissions to prevent unauthorized access to data.
  • Encryption: Secure computers and mobile devices with passwords to also protect your data in the event of devices being stolen.

By taking these initial steps, you are minimizing security risks and proactively reacting to the changes you face as part of digitization. Because: change is not only a constant in the entire field of digitization but also when it comes to data security.