ESTIMATED READING TIME: 2 MINUTES
As the new year does its best to wake up and start Australia moving once again, I can’t shake the one topic that sums up my current thinking about 2018: Uber.
It seems that, while the increased threat of a war with North Korea may ultimately be more devastating and while the Hollywood house of cards falling beneath sexual harassment allegations may have been more attention grabbing, it was 2017’s issues of cyber security that threaten to have the biggest immediate impact on all of our day to day lives in the coming year and beyond.
Uber’s recent revelation of its cyber security breech (read it here) came at an interesting time for me, not because I’m likely to be one of the 1.2 million Australians in the Uber breach but because, as a business owner, the threat of being hacked is an ever-increasing concern.
Small companies must invest significant amounts of time and energy ensuring their systems and data are safe.
While our stores of these things may be far smaller than huge companies like Uber, we also do not have the huge budgets to hire people with specialist knowledge to stay on top of legal and regulatory requirements, technology and solution options.
I must do all of this myself.
I donate technical and administrative support to a not-for-profit professional organisation and over the several years I have done this, the amount of time and effort I must spend reviewing and protecting personal information storage is increasing.
With tighter impending regulation, including Europe’s General Data Protection Regulation (GDPR), it’s not just large organisations that are affected. The impact on smaller enterprises and not-for-profits is significant.
Our largest clients now require us to have a robust security policy, which isn’t a bad thing, but combined with the additional cost of cyber insurance cover now demanded as part of the contracts (which seems alarmingly high), and the cost of additional contract review legal fees, the overall cost of running a business is escalating quickly.
Without good cyber security, you don’t have good business security. That’s true no matter the size of your business or the industry you’re in.
It’s a business assurance issue.
Whilst cyber security responsibility falls into the realm of the IT group, the real responsibility is very much broader.
What kinds of risks would your business face if your information (not just your data) were to be hacked?
Within the Intraversed lexicon, “information” is what is created using raw data, or resources, which have significant meaning and importance to the business. It includes all your reports, figures, analyses, SOPs, contracts, etc. (we wrote a great series of blogs on this you can read here).
Cyber security around these documents is often unconsidered.
It has implications for legal documentation, intellectual property security and contract management.
It has implications for HR information, internal privacy and confidentiality and staff training and education.
It has implications for finance departments, not only with the transfer of money and personal details, but also the business financial figures, reports, projections and so on.
As business assurance specialists, Intraversed are facing the year ahead with an anticipatory interest in how cyber security-related regulation will impact our clients and their information management.
There will inevitably be an increase in the time, effort and financial impact of unavoidable increases in legal requirements in this field.
While I’m still taking an Uber home from the occasional over-indulged evening event, I wonder at just how convenient that simple payment-location-identification app really is.
Next Blog: The Cost of Convenience Part 2: Digital Disruption (read it here)
Mark is a co-founder & Chief Development Officer at Intraversed, helping organisations establish the Intralign Ecosystem, an award winning information management & governance methodology, to achieve reliable information, stable tech spend & greater IT project success.
We’d like to send you our monthly email. They outline our latest blogs, talk about current events and give you information about our services and products. We strive to make them interesting, relevant and practical, so you can build your business assurance with each email. And we also do our best not to let our emails be too salesy, pushy or marketing-heavy.
We’ll send you a monthly email outlining the topics we’re talking about and links to where you can read more and join the conversation.
In the meantime, why not connect on LinkedIn here?