Cybersecurity

How To Build Your Firm's Cyber Security Strategy

Cyber attacks are above the radar. They are making front page news, the government is taking them seriously, and almost every movie now features the use of hacking to steal data or funds. Unlike the movies though, most hacks aren’t sensational heists or system-wide ransomware attacks: they simply exploit a lack of employee awareness and too much trust in emails, or the lack of even most basic security within a business. The cyber scams we see are often simple purely because they don’t need to be sophisticated to work.

Different businesses face different cyber risks. If your company value is in your intellectual property, for example, it would be advisable for you to think about how that is protected first, or if you produce particular products, your ability to continue to do so is critical. However, across all of the businesses we deal with, we see cyber frauds targeting payments and funds more than anything else, with sensitive data being a close second.

The first 24 hours following a financial fraud case is the golden period in which to act, the quicker the better. First, let your bank know what’s happened to stop money moving. Then you will want to employ someone to undertake a short, fast investigation to work out where your funds may have moved to and what data may have been lost. When we investigate financial crimes for clients, we use legal orders to request information from banks and technology companies, and rapid investigations to tie an attack to an individual or group if possible. If data has been lost, the sooner we can get an accurate picture of the amount and type of data that has been accessed, the sooner customers and clients can be reassured. Prevention, though, is better than cure.