How Easy Would It Be To Hack Your Business?
The most important thing any firm can do to protect itself from hacks – both visual and cyber – is to change the way it thinks
A cyberattack is a bit like a car crash –something that happens to other people, until it happens to you. Despite the high-profile and high-cost hacks at the likes of Sony and TalkTalk, awareness of cybersecurity remains patchy at the c-suite. An attitude persists that, so long as you’re paying your anti-virus subs, everything’s fine and dandy. But nothing could be further from the truth.
Take a moment and look around you right now. Can you be sure no one could steal a glance at your screen, whether phone, tablet or desktop monitor, and see what’s on there? What if you had confidential information on your screen, maybe your company bank accounts, HR records, or sensitive customer data?
Visual hacking may seem lo-tech, but sometimes the old ways are the most effective. After all, why go to the trouble of hiring Russian gangsters to code an ingenious Trojan, when you know your target’s chairman regularly leaves print-outs of top secret company documents on the 19:38 to Letchworth?
In a covert experiment conducted by the Ponemon Institute for 3M, undercover ‘hackers’ were sent into participating offices to expose how easy it was to capture sensitive company information by visual means. In the UK, they had an astonishing 87% success rate in all visual hacking attempts. A quarter of the time, they took confidential documents, financial information or log-in details without challenge, much of it lifted directly from unprotected computer screens.
The most important thing any firm can do to protect itself from hacks – both visual and cyber – is to change the way it thinks about sensitive data, turning it into a business risk that’s fully understood by the board, not just something fobbed off on the IT department.
More specifically, organisations can reduce the risks of confidential data been pinched by such measures as installing privacy filters, which prevent screens being viewed at an angle, introducing 2-step logins and training staff in your by now well-thought-through security policy.
Of course, a hack is something that could happen to you, no matter how careful you are. But then that’s true of many risks in business. So long as those risks are understood and where possible contained, it shouldn’t prevent dynamic companies from seeking out the opportunities the modern world brings.