Data privacy and cyber security services

Ransomware creates a nightmare scenario for every business it targets. It results in lost access to critical systems and data, prolonged downtime, lost productivity, and lost profits.

What we continue to see is that no one is immune. There is no real pattern to the types of organisations being attacked, however clearly the larger high-profile brands are the ones that receive the most publicity.

The world is moving on quickly. Smart devices and social media are intertwined, leaving users, homes, healthcare, financial, manufacturing and other industries vulnerable, hackable and easy targets to be taken down and/or held for ransom.

In today’s fast-changing digitally led economy, most businesses are currently going through some form of digital transformation either to improve their offering or to streamline their operations, with many already seeing the benefits of financial investments made. The Catch-22 is that with this increased use of technology and collection of personal data, the need for protection increases. But not all businesses are actively protecting themselves against cybercrime.

Business leaders feel a lack of confidence in their ability to protect their businesses and a sense of inevitability and resignation to an attack, with many believing hackers will always outwit preventative software.

There is a gap in senior management’s engagement and prioritisation of cybersecurity that needs to be addressed, with lack of discussion around the risks at board level and ambiguity over who is responsible for cybersecurity in the organisation.

The GDPR is identified as the key driver to businesses taking the first steps in cybersecurity and the legislation is justifiably seen as a champion in this space, but there have been some unintended consequences.

Correctly, most businesses see human error as the core area of vulnerability with targeted attacks on staff via phishing, whaling and ransomware attacks being the most sensitive touchpoint, so what can be done to educate employees?

Having a culture which encourages staff to report data breaches is key to ensuring that the real scale of the threat can be determined, and so that root cause analysis can be undertaken to help prevent future attacks.

An industry shift around cyber risks, threats and breaches is needed and transparency is at its heart. Here are RSM’s top tips to help make cybersecurity a priority.

Here are some simple things that businesses can do to mitigate the risk of a cyber attack: Breach readiness preparation It is important to get your incident response capabilities prepared for the ‘when’, not ‘if’. Governance Ensure that the cybersecurity strategy and organisation is in place

Personal data is valuable on the ‘black market’ but is also sold legitimately. Obtaining data such as contact details and personal details helps companies market their products to the right people.

RSM has reported record global revenues of $5.37 billion for 2018

A blog by Jean Stephens, CEO. 2018 has been an eye-opener when it comes to protecting customer data. From middle market businesses to large corporations, cybersecurity and simple human error pose an increasing risk. With the EU’s General Data Protection Regulations (GDPR) having come into effect last month, how can middle market businesses and fast-growing companies use this change to benefit them?

Despite the rapid rise and dominance of digital businesses across the world, research shows that the middle market does not see digital transformation as a strategic priority. This oversight not only puts their business at risk through loss of market share, but also at risk of business failure if nimbler and more advanced competitors harness digital transformation to seize their market share altogether.

North America and Europe generate approximately 75 per cent of digital content for Internet users worldwide.  Amid weak GDP growth worldwide and flattening of traditional foreign trade and investment, international digital exchanges are rapidly growing.  The challenge is how governance structures can be formed that reconcile 'public welfare' and 'individual privacy'.

How damaging is the KRACK Wi-Fi attack and can it simply be patched with software updates? RSM’s Cyber expert, Michael Shatter (National Director, Security and Privacy Risk Services) catches up with Daimon Geopfert, National Leader of Security and Privacy (RSM US) to discuss the issue further. 

Mind the KRACK - How the KRACK Wi-Fi exploit highlights the core vulnerabilities of the internet. KRACK (Key Reinstallation AttaCK) is a severe replay attack on the Wi-Fi Protected Access protocol that secures Wi-Fi connections and targets the third step in a four-

A blog by Michael Shatter, Director of Risk Assurance Services, RSM Australia. Throughout the evolution of cyber insurance one thing has become clear; defence barriers can never be fully impenetrable and therefore, you are never fully protected. This is what makes insurance the back bone of cyber protection. Organisations of all sizes need to invest in security procedures and tools to make the business as resilient as possible. 'Underinsured' means 'underprepared'. 

The ransomware cyber-attack that took place in May 2017 was unprecedented in scale and affected more that 230,000 computers in 150 countries. The indiscriminate attack on hospitals and government agencies exploited known vulnerabilities in old systems of Microsoft Windows operating systems. Cyber security now supersedes all technology risks for businesses, and this attack shows many have not yet responded to the threat. Some markets boast sophisticated technology and regulations, while others have restricted access to digital infrastructure. No matter where you look, however, there is one constant. In the arms race between cyber criminals and experts, neither party ever draws far ahead.

You will have noticed significant media coverage of an outbreak of ransomware globally which impacted 10,000 organisations in over 150 countries including Britain’s National Health Service and automaker Renault.

The Icarus effect: tackling cybercrime complacency Do you know what a cyberattack looks like? Is your organisation prepared to defend itself?

Most key business processes are now automated and built on technology. Consequently, disruptions from a cyberattack can lead to significant lost sales and productivity, recovery costs and reputational harm. Accounting for business interruption costs is almost as important as mitigating the breach itself, especially as exposure is only expected to increase in the future.

Cyber risk is an ever evolving threat for 21st century business and as such, is a top of mind issue for today’s business leaders. A cyber security breach can have huge legal and financial ramifications for any business. High profile cyber-attacks are on the rise and governments are increasingly cracking down on cyber criminals. 

Middle market businesses are often at risk of the same scams and cyber attacks that affect individuals, and should take steps to protect themselves. The cost of a security breach can be huge, not to mention the reputational damage a high-profile breach can cause.

When it comes to information technology security, no company or industry is immune to unauthorised access to its data. Yet when it comes to their own companies, many manufacturers feel it unlikely that their data will be a target of any breach attempts. 

Instances of Internet fraud and other data related crimes have been increasing dramatically and becoming progressively sophisticated. Cyber-attacks on organisations via security loopholes and un-patched servers have increased over 80 percent in the last two years as intruders look for industry or identity data theft.

Every organisation and every business is now reliant on technology. Therefore cyber security cannot be considered a risk in isolation or something IT ‘will deal with’, it must be considered a business risk and the board must be aware of, and actively pursuing, cyber risks. It also must be understood that cyber threats aren’t a discrete problem to be solved, rather, they’re a complex risk that need to be managed.

No technology topic is hotter in the private club industry than cyber security. Articles, conference and chapter meeting education sessions, vendor presentations–all are addressing the topic from a variety of angles. The purpose of this article is to lay out the four elements of cyber security that should concern your club. 

The current atmosphere is challenging for financial institutions, as increasing regulatory demands and the rising costs of doing business are making profitability more difficult. As your institution begins the budgeting process, your IT framework will likely come under scrutiny, as properly leveraging technology can help you become more efficient while providing necessary security measures.

Cyber crimes are growing on a global scale and the leisure and hospitality sector is not immune to this. There are particular, and very real threats to consider. Large customer databases and high transaction volumes present across the sector make data particularly attractive to criminals.

Data breaches and information security are critical concerns for organisations and individuals as attack methods become more diverse and widespread. While media reports typically only illustrate the dangers at large companies, small breaches are more frequent and cause the most damage. In fact, family offices are at an acute risk; with information from high-net-worth individuals extremely valuable to criminals, security measures may require a closer look.

The rise in advance persistent threats puts a spotlight on the vulnerability of the IT systems at many financial institutions—and intensifies the need to implement more robust security procedures to protect institutional assets.

A guest blog by Thilen Pillay, Manager – Risk Advisory Services, RSM Betty & Dickson (Johannesburg)

Cyber security, once limited to the expertise of Information Technology specialists, has become a business-critical issue engaging senior corporate leaders worldwide.