The National Standards Authority of Ireland (NSAI) is urging firms in Ireland to be aware of the importance of cyber security.
The NSAI says ransomware defence, employee awareness training and encrypted backup of mission-critical data are the ‘critical trio’ areas that need to be assessed during European Cybersecurity Month.
Denis Ryan, a lead auditor for the NSAI and has responsibility for information security management certification systems, said companies are constantly trying to catch up with new cyber threats.
“Firms often get caught out by threats they didn’t know existed – the unknown unknowns – so it’s important to stay informed and keep upskilling your IT team so it has the capabilities to cope with whatever threats arise. Regardless of the size of your business or the sector in which you operate, cybersecurity needs to be a priority.”
“For those unsure of where to start, the critical trio of areas to address are ransomware defence, employee awareness training (especially for non-IT staff) and encrypted backup of mission-critical data, as you can revert to this if you have a breach.
“Continuous awareness training is vital so that all employees understand that everyone has a role to play by being able to recognise phishing attempts and following security protocols.
Mr Ryan highlighted the financial damage that can be inflicted on a business due to a cyber attack, and stressed the importance of ensuring security is up to date.
"It’s also important to factor in cybersecurity to your change management protocol, for example. How will new tools or processes affect privacy, record control and other aspects of cyber-resilience for your business?
“For Irish businesses, being smart about cybersecurity pays dividends on multiple fronts. First, when your cybersecurity is up to date, you prevent the financial loss that comes with any breach. Cybersecurity issues such as data theft or service disruption regularly cause companies to incur significant financial losses.”