Suited man holding a tablet with a lock graphic spiraling

Keep Your Data Safe

June 10, 2019

Keep Your Data Safe

Synopsis
3 Minute Read

Cyber threats may be constantly evolving – yet many organizations are failing to take these basic steps to protect their data, their people and their reputation.

Your data isn’t the only thing at risk if you fail to take basic steps to protect your organization's information. You also jeopardize public confidence in your organization – along with your current and future business prospects – and may expose your organization to litigation and significant liability.

Learning the Hard Way

Nowhere is this more evident than through the string of ransomware breaches over the last several years. Compromised businesses lost productivity. Hospitals potentially risked patients’ lives. And courtrooms are overflowing with organizations who knew their systems were vulnerable – yet neglected to implement reasonable precautions which could have prevented or minimized the probability of a breach.

Companies are having to defend themselves against numerous class action suits alleging harm to shareholders, business partners and the public. Executives and board members are facing personal lawsuits for allegedly breaching their duty of loyalty, care and good faith by failing to implement and enforce effective internal data security controls and procedures.

And with new data privacy legislation now in place across Canada and Europe, it’s safe to assume the judicial consequences will only become more frequent and severe.

A Common Sense Approach

There are many steps an organization can take to protect its information. Even the most basic strategies can go a long way to preventing or reducing the harm of an attack.

These include:

  • Regularly updating software and security patches
  • Using real-time anti-malware and anti-virus software
  • Frequently backing up key data in multiple locations, including offline
  • Training employees to recognize phishing emails and other social engineer tactics
  • Establishing and promoting a central point of contact for end-users to report phishing attempts
  • Developing, implementing and periodically practicing an Incident Response Plan to identify, contain, eradicate and recover from cyber security incidents

None of these are a ‘one and done’ tactic. It’s critical to revisit, rehearse and review each on a periodic basis to align the organization with the most prescient and contemporary threats. These recent hack attacks, including "WannaCry", are a serious reminder to get your cyber security up to date, immediately.

Insights

  • Confidence
    Holding a portfolio on one hand, comparing data on another

    July 28, 2021

    How to optimize value from an Internal Audit co-sourcing partnership

    Co-sourcing your internal audit function can help you navigate several contemporary challenges — including the need for greater agility and subject matter expertise, as well as cost and resourcing pressures. Here we investigate practical steps to find the right vendor and make this relationship as seamless, targeted, and cost effective as possible.

  • Progress
    person reviewing graphs on their phone

    July 26, 2021

    Automating finance, so you can focus on your business

    Cloud accounting and bookkeeping solutions allow you to focus on the critical parts of your business instead of shuffling through paperwork every week.

  • Progress
    ""

    July 22, 2021

    Cloud accounting and bookkeeping can transform your real estate and construction operations

    Priorities are changing after the long hours that came with navigating COVID-19. Here’s how you can free up time to focus on what really matters.