We are nearing the halfway mark of 2025 and it won’t be too long before thoughts shift towards summer holidays. In the meantime, we’re taking the opportunity to follow on from last month’s discussions on the cost-benefit of cyber protection via a current press story and some cloud storage tips.
Cyber risk – the human element
M&S recently reported its annual results, referencing the expected impact of the Easter cyber attack it experienced – ongoing disruption until July and expected reduction in operating profit of £300m. In this ITV news article, it seems that M&S was not the only company targeted at that time, underlining the hackers’ reach and persistence. However, what is particularly interesting is that the CEO of M&S stated that the hackers gained access to its IT systems through a third party after “human error” – i.e. in spite of the investments M&S had made into its own cyber protection. There are two key messages to take from this:
- even with excellent technological cyber security measures, the hackers will still try and find a way in via your “human firewall” and;
- think carefully about how your supply chain is managing its own cyber security as it can have direct consequences for your business
What can we do? Undoubtedly the implementation of cyber security technology needs to be underpinned by regular training for your team. We have previously discussed the UK Government’s Cyber Essentials certification that can improve your own cyber hygiene whilst giving confidence to your business partners. Indeed one could argue that you should be looking for CE certified supply chain partners as well. See our Managed Cyber Essentials web page for more information.
Safe cloud storage
In today’s technology-driven environment, cloud storage can be a vital part of our personal and business lives allowing easy access to data via an internet connection anytime and anywhere. Cloud storage service providers will keep, manage and back up your data, offering different packages to do so. However, how do you keep your data safe and only accessible by authorised personnel? The main features you should be looking out for include:
- Encryption: look for those offering end-to-end encryption, ensuring that your data is encrypted both in transit and at rest
- Data backup: check the regularity of back-ups to ensure you have a recent copy in case of technical issues or cyber attacks
- Access controls: make sure there are strong access controls, such as two-factor authentication (2FA) and granular permissions, limiting who can access your files
- Compliance: make sure the provider complies with major data protection regulations like GDPR or HIPAA as needed
- Customer support: if you have any issues or have questions about security features you need responsive customer support
- Read reviews: and ask about security practices to make sure you are fully informed
