In the first six months of 2019 alone, 4.1 billion records were exposed due to data breaches. SME leaders and solopreneurs often find comfort in the false assumption that they are too small to be on the radar of the hackers behind these numbers. The reality, however, is that it is not about the size of your business. What makes one a potential target, is the likelihood of a weaker cybercapacity that results precisely from the assumption that company size determines your significance as a potential target.
Hackers attack approximately every 39 seconds
and on average 2,244 times a day
According to the University of Maryland, hackers attack approximately every 39 seconds and on average 2,244 times a day. As data breaches are on the rise, so is the likelihood of more companies and more users being affected. While the constant news coverage has by now led to a seeming point of desensitisation, it is crucial to understand the consequences that cyberweakness and compromised data can have.
For suffering a hack or a data breach, companies could face fines up to 4% of their annual turnover or max. EUR 20 million, whichever is higher, according to the GDPR, whilst users’ personal data can bring profit to hackers in various ways. From the duplication of credit cards to using personal information for identity theft or blackmail, being a victim can have devastating financial, reputational, and personal repercussions. It is therefore more important than ever to increase your cybercapacity by combining best practices from cyberbehaviour and technology.
With the freedom of being able to work from anywhere in the world comes the responsibility to build a digital, on-the-go workspace that is conducive to cybersecurity and privacy. But with enough daily to-dos arising from simply running your business, obstacles may arise from the simple departing point of any change in human behaviour: where to begin?
Cybercapacity as the foundation of trust
As with any task, we can start by taking it apart to create actionable steps forward. Cybercapacity can be viewed as the umbrella covering all the components you need to safeguard your business in cyberspace. The capacity-building components underneath this umbrella can be divided into two: cybersecurity and privacy. Although often conflated, these two concepts are fundamentally different. We’ve found the following parallel useful to understand the distinction: installing iron bars across your window will increase security but not your privacy; adding curtains will also take care of the latter.
Solopreneurs and SME leaders have the privilege and responsibility to establish a digital workplace culture that encompasses key principles of cybersecurity and privacy. The commitment to building your cybercapacity is not solely about protecting your business. By instilling these practices, you are also building a trustworthy brand, which can secure a long-lasting competitive advantage. Consistency in displaying safe cyberbehaviour will additionally make you a role model for your partners and clients. The established truth that a network is only as secure as its components also applies to remote teams and business interactions. Setting an example to your business network is therefore vital on the pursuit of reaching greater cyberpower.
First steps towards best practice in cybersecurity
Cybersecurity is defined as the protection of data from any unauthorised online access. Information security further expands this definition to include the protection of data from any kind of unauthorised access. Securing your data and the data of your customers ensures the protection, durability and resilience of your business from any external interference that could have devastating consequences. Some examples from best practice in cybersecurity include:
It often escapes us that cybersecurity extends from the digital realm to the physical world. Serious incidents, such as theft or losing your devices during travel, are the things you think will never happen to you… until they do. Awareness combined with preparation can go a long way in ensuring the fastest possible recovery with the smallest amount of damage in the wake of such events. Some practical ideas to keep in mind:
Establishing a reliable privacy culture
The idea that data has become the new currency is consolidating itself alongside all the threats it entails. Data protection involves an understanding of the data you are responsible for and the legal requirements you should follow to ensure its safe handling. The General Data Protection Regulation (GDPR) provides a useful framework to consolidate a culture of privacy that places data protection at its heart.
Data mapping comes first
Two years since the implementation of the GDPR, we are becoming used to seeing privacy and cookie policies on most sites we visit. Nonetheless, privacy compliance extends deeper than that. We can think of it as an iceberg – there are things below the surface that we don’t see but that determine the nature of the mass as a whole.
The visible surface is an indication of being trustworthy and what lies underneath determines that the reality lives up to the façade. Following these guidelines is not only a requirement of compliance. It should not be viewed as a mere legal nuisance but as an opportunity for consolidating your brand around principles of digital trust, adding to the long-term durability of your business.
Cybersavviness as an evolving skill
The more digital our work, societies and interactions become, the more important it is to incorporate secure practices into our daily habits and workflow. Cybersavviness is a constantly evolving skill. It starts with nailing down the basics and continues by building on this foundation. As general cyberawareness keeps growing, it has also become a genuine chance to ensure a long-lasting competitive advantage through establishing digital trust. Improving your cyber capabilities and involving your clients, partners and contractors in the process is an essential investment in yourself and the resilience of your business network.
The great news is that you are not left in the dark!
You can sign up for the free ‘Quick-start Your Cyberpower’ online course to guide you in making the first steps or grab a copy of the Cyberpower eBook, which provides concrete and comprehensive guidance on safeguarding your digital workspace with ease.
Digital transformation strategist | Privacy advisor | Cyber anthropologist | Author