The Impact of COVID-19 and Cybersecurity for a Digital Business
The COVID-19 pandemic has forced thousands of businesses – sole traders, enterprise, SMBs and large corporations – to shut their physical doors and operate online. Working from home is now the new normal and unlikely to change any time soon. Operating a digital business also means being vigilant with your cybersecurity.
What the Digital Environment Means for Business
Moving to a solely digital environment means two things for companies:
- the type and priorities of IT support and services needed will be different
- finding effective cybersecurity measures to keep data safe and secure
Read on to find out how ready your business is for the transition to a digital-only platform, the questions that you need to ask your IT provider about this transition, and the cybersecurity practices that you need to implement and stick to.
Moving your business completely online comes with some new risks that you may not have encountered in the physical working environment. Here are the top three risks:
- Digital Technology Dependence
When you work online, you will rely much more on digital technology such as web hosting, financial processing, email, video, messaging and more. Ask yourself these questions:
- Do you have sufficient bandwidth?
- Do you have sufficient online storage?
- Are you routinely backing up critical data?
- Check SLAs
Ensure that your Service Level Agreements (SLAs) will accommodate all your digital and online requirements.
Assess how to secure your current devices and web services are. If staff members are using their own devices to access your network, conduct an audit to determine how secure their machines are.
Effective Cybersecurity Audits
Forget about COVID-19 for a moment. If the future of your business is online and includes working from home, you will need systems in place to ensure that
- your business data is safe and secure
- your business technology is scalable
Ask – and answer – these questions to get a good picture of the cybersecurity status of your business:
- What IT assets do you have? Who is responsible for their management?
- Which cloud services are you using? Who is responsible for backing up your data? Who is responsible for providing access to data?
- What levels of cybersecurity support does your IT provider offer?
- What industry regulations do you need to follow? Are you GDPR compliant?
- Do you have cyber insurance? How does homeworking impact this insurance?
Cyber Essentials Certification
Having a government Cyber Essentials certification demonstrates that you have good cybersecurity practices in place. Cyber Essentials means that
- your customers know that your IT is secure
- your business is attractive to new customers
- you have a clear picture of your company’s level of cybersecurity
There are two levels of certification:
- Cyber Essentials
Cyber Essentials is the National Cyber Security Centre’s (NCSC) self-assessment option. With Cyber Essentials technical controls in place, you are protected against the most common cyberattacks.
- Cyber Essentials Plus
With Cyber Essentials Plus, a hands-on technical verification is carried out to give you extra protection.
Talk with Your IT Provider
Discuss these cybersecurity issues directly with your IT provider:
- How often do they patch and update?
- What backup procedures are in place and are these tested?
- How often is data backed up?
- In the event of a ransomware attack, how is your data recovered?
- Who has access to your data and applications?
- What forms of data encryption are applied?
- Are logs been kept for security purposes?
- What is their incident response time?
Security Means Growth
Operating in a digital world can have cybersecurity challenges. However, knowing what these challenges are and having the best cybersecurity measures in place means:
- Your business is sustainable
- Your business will grow
- Your business has a good reputation with your customers and suppliers