Cyber security is becoming more and more important given the increase in volume and sophistication of cyber attacks and events in recent years. Cyber criminals are amazingly good at disguising themselves and convincing an unsuspecting user of IT systems or an email recipient to click on links or otherwise inadvertently allow unauthorised access to their IT systems.
You will need to work with your IT provider/department to get as many technical measures in place to keep your IT systems as secure as possible (firewalls, anti-malware software, etc), as well as train staff about what they need to do to watch out for and to recognise cyber criminal activity.
Audit your IT systems and identify areas of vulnerability to put further protective (technical and organisational) measures in place, including up-to-date firewalls, etc, and keep all other applications up-to-date with latest updates and security fixes.
Getting a suitable cyber insurance policy in place will be key to give you support in the event of a cyber incident. Insurers can help with payments for PR campaigns or other communications to deal with the fallout, and to cover various legal expenses.
Cyber cover can also sometimes cover payments of compensation to data subjects in the event of a data breach, but policies do vary; not all of them will cover compensation or any fines that might be payable to the ICO, or other contractual damages that might be due so review the policy very carefully to confirm that it gives the type and level of cover you need.
We are on hand to help you put robust policies and procedures in place, and to provide training and advice on data protection matters for your staff so they do their bit in keeping your systems secure. We can help review or establish cyber or IT policies within your business, which should become part of your internal framework for normal business operations. And we can inform and train staff about how to help prevent a cyber attack, and what to do if something goes wrong.
If there has been a cyber incident, then working with your insurers and lawyers to make sure that all appropriate notices are sent and people are informed will be important, as well as trying to contain any damage.
We are operating a Cyber Security Helpline for ABTA Members and we would be happy to talk to you and help support your business get its procedures in place, or if something goes wrong.
Debbie Venn, Partner, DMH Stallard LLP. June 2021