According to Grant Thornton's International Business Report damages to the Northern Irish economy from cybercrime have reached £98.71 million per year. The impact however is far more wide-reaching than simply accounting for directly measurable losses; the long-term reputational damage can cost an organisation large numbers of customers as confidence in security of data wanes. The annual TRUSTe Consumer Confidence Index reveals that 92% of internet users in the UK worried about their online privacy and 80% had made decisions on what they consumed based on privacy concerns. How an organisation protects data is now key to their business.
Ignoring customers’ concerns can have devastating consequences. In one recent case, a child online safety and tracking app called uKnowKids was hacked. A database containing the data of 1,700 children was compromised, exposing more than 6.8 million private text messages, nearly 2 million images (many depicting children) and more than 1,700 detailed child profiles. This included first and last names, email addresses, dates of birth, GPS coordinates, social media access credentials and more. uKnowKids is now potentially struggling against a tidal wave of PR backlash and customer mistrust.
Successful companies are tackling these concerns head-on, by placing emphasis on the measures they take to ensure data security and privacy and by keeping their customers informed. According to Forbes, the global cyber security market reached £54 billion in 2015 and is expected to expand to £123 billion over the next five years. The reason so many companies are investing in cybersecurity services is because they are realising that in the long run, it will save them far more than they are spending and will secure their continued growth.
It is increasingly risky for any company to ignore the issue of cyber security. It needs to be addressed by senior management and at board level in order to sufficiently mitigate the impact potential breaches. Companies should focus on the following areas:
- developing a cyber-security strategy by focusing on what needs to be protected;
- identifying priorities for protection by starting with a cyber security risk assessment and gap analysis;
- raising awareness of the role that all employees have to play in making their company cyber-secure; and
- implementing effective policies to embed cyber security within the business.
Cyber security and the prevention of cybercrime is crucial for companies in Northern Ireland. Protecting customers’ personal and financial data is part of the cost of doing business. It is clear that if companies fail to address cybersecurity and maintain the trust of their customers, they will face a major struggle as an enormous and increasingly savvy customer base passes them over.