We asked what can businesses of all sizes do to ensure they future-proof company tech skills with emerging technical advances including cyber security.
Karen Thomas | Head of Business and Corporate Banking
If we looked forward 10 years ago would we have seen the technology before us? We know nothing about the future, but businesses can position themselves to maximise on technical advances:-
When hiring, try to recruit creative people who love change and flexibility – they will ensure the business continues to evolve.
Don’t always be first to implement the new sometimes it pays to hold back. It doesn’t always go as planned and may incur additional cost.
Make sure your business documents your I.T strategy. You may need to remind yourself or the board why you were choosing a particular approach if technology or systems change again.
Standards – Maintain and encourage high standards in respect of security. With technology and flexibility comes the opportunity for misuse by others.
Our security capabilities are also advancing and, like many, Barclays is keen to ensure that prevention of Cybercrime remains high on the agenda #digital
Martyn McGrath | General Counsel
Traditionally investment in technology has focused on cost effectiveness and ease of use. Little or no emphasis has been placed on security. A number of factors, including the introduction of the EU General Data Protection Regulation (EUGDDPR) and the Directive on Security of Network and Information Systems (NIS Directive) and the increasing number of attacks by cyber criminals, means that this can no longer continue. In the knowledge economy, it will no longer be sufficient to merely comply with regulation, but the reputational damage that accompanies a data breach will see investment in security as providing a strategic advantage. It is a misconception that criminals only target large organisations, as it is well understood that SME’s have limited budgets and therefore are easier targets. Organisations of all sizes need to review security budgets, existing IT supply agreements, but also consider the culture of the organization to ensure that security is at the forefront of everyone’s thinking.
Leon Window | Owner/Director
Here at Select Security, we took the decision to replace a number of paper processes with an ipad based app. Whilst the app was a significant investment for the business, it has meant that our processes around project specification and design, site inspections, and invoicing are all streamlined. The result has been a significant reduction in admin time for our workforce, and a huge increase in customer satisfaction, as projects can often be quoted immediately, which is a massive advantage.
In 2016, we won the Momouthshire Business Award for Innovation in recognition of the impact the app had made on the business, and were shortlisted as a finalist in the 2017 South Wales Business Awards.
We take cyber security extremely seriously both in terms of our operations and in-house apps, and our recommendations for clients. We would always advise consulting a professional IT specialist and please always practice safe networking, employ strong passwords, verify your online transactions on a regular basis, monitor removable storage device usage, and finally, be vigilant and maintain up-to-date software.
Cath Goulding | Head of Information Security
Along with reaping the rewards of being online, business owners should also be stepping up their cybersecurity to ensure that being online optimises opportunity rather than hampering or damaging it. Don’t make the mistake of thinking only large firms are the target of hackers. Recent research by Symantec shows that 1 in 40 small businesses is at risk of being the victim of cybercrime.
So, how to stay safe online? Nominet has created a guide for small businesses and sole traders that offers simple steps, such as staff training, monitoring security incidents and choosing the right Cloud provider to help keep a business’ data safe. It provides advice on supply chains, identifying points of vulnerability and collecting data to constantly refine practices and thus offer sustainable security – the hackers are always working to get in so we need to be just as tenacious to keep them out!
No business is too small to be a target. Don’t let your time, money and effort be wasted.
Charlie Grant | Specialist Cyber Security Consultant
Can anything truly be future-proofed?
To successfully ‘future-proof’ something, you must not only be able to anticipate the future, but also build solutions which minimise the forthcoming impact, and potentially damaging effects. But in our fast-paced digital age, with the ever-diversifying threat of cyber crime, how can organisations successfully future-proof their cyber security strategy?
Cyber crime is only becoming more commonplace in today’s society. Recent high-profile attacks including TalkTalk in 2015, and more recently at Ashley Madison and Yahoo! have brought cyber crime into the spotlight; bringing a maturing of attitude towards cyber security. Organisations now invest millions annually in initiatives to prevent the growing threat. Yet, with the increasing sophistication and diversity of attacks, data theft now turning into data manipulation, being able to fully ‘proof’ your cyber landscape is proving increasingly more challenging.
To put this into perspective, Verizon recorded 100,000+ security incidents in its 2016 Survey alone, with a further estimated 1.1m web attacks being prevented daily (Symantec). Cyber criminals now act with purpose, often in groups, employing sophisticated and increasingly popular Ransomwear & DDoS tactics which pose a significant threat to the security of our digital information.
So, what is being done?
Cyber Security is becoming a more serious business; this can be attributed to a few key factors. Fear, prompted by the above-mentioned attacks among others, has pushed insurance premiums up and has caused significant investment in cyber defence (estimated to be $1.8 billion globally by 2020). Companies now stand to lose more if their security is compromised. The impact of GDPR is an important area to consider here. The amended regulation in May 2018 will replace the current DPD which, when written in 1995, did not consider digital advances and the emerging digital threat to information. With heavy fines of up to 4% of global turnover and the ‘naming and shaming’ of organisations who do not comply, GDPR is paving a natural road to future-proofing cyber security.
Cloud-based security is another emerging initiative. Cloud based approaches are being adopted to achieve security capability. More and more businesses are moving to the cloud due to it offering increased mobility, flexibility and productivity, versus the now almost ‘out-dated’ on-premises solutions. Data is safer in the Cloud, with “vendors having the benefit of employing security specialists at scale, and embedding security capability into the infrastructure”. However, not everyone is convinced yet. Katie Chubb noted in a recent survey that 49% of IT decision makers are “very or extremely anxious about the security implications of cloud services”. This gap will need to be bridged if we are to see real ‘future-proof’ advances in cyber security.
Yet technological advancements are not enough. To successfully future-proof cyber security, companies need to adopt a clear strategy and vision. For example, an organisation must identify its critical assets (in case of a cyber-attack), as well as creating a robust resilience strategy. It should also identify existing capabilities within its IS function, and deploy new controls where necessary. The attitude and overall approach towards cyber crime are key in keeping it at bay.
Whilst it is true that many current defences are not agile enough to successfully defend against cyber-attacks, companies are now recognising how valuable a mature security landscape is. With the impending shift to GDPR, along with advancements in cyber crime techniques, cyber security is now a vital, and necessary consideration. The adoption of strategy and increased funding in defences and intelligence will mean that future-proofing cyber security can soon be considered a realistic goal.
Alistair Wardell | Lead Partner
I regularly dip into Forbes articles and if what I read is to come true then 2017 will bring us ground-breaking technologies such as virtual reality and artificial intelligence, creating new paradigms in our healthcare systems, schools, universities, and enterprises.
This is not just advancement for large corporates, such technology ensures that the SME market too will stand to gain from greater comprehension of business operations, more efficient means of measuring success and further insight into client interactions. Ultimately, providing the network foundation is sound enough to sustain progress, this means we will all have the opportunity to make better decisions and innovate faster.
On the subject of innovation, I believe fibre optics has been and still is a key component in technical advancement. With it your business is akin to driving the winning racing car on a formula one speed track – fast, smooth and ahead of the competition, without it you’re driving on a pot-holed track with diversion signs and a rough ride ahead.
Cyber security is a current hot topic but do businesses really understand what cyber is? Whilst we are all familiar with protecting passwords and not leaving laptops in our cars in reality the topic is huge and in my opinion best left to experts. I would encourage anyone with a genuine interest in protecting themselves – intellectual property, information assets, payment security, customer and personal data etc to obtain a copy of Grant Thornton’s Cyber Security & Privacy brochure and read this thoroughly, it’s eye-opening as to what is required to implement a meticulous cyber security policy.
Finally, a topic I recently came across and one to watch is SD-WAN, which my friend’s thirteen year old son informed me was software defined wide area networks (I have put his name forward to our GT’s Head of Global IT, I’m sure he will be an asset in years to come!) SD-WAN apparently provides the ideal solution for any company with multiple offices or remote working staff by using cost-efficient, secure and cloud based WAN connectivity to connect a business to a public or private cloud or company network. I’m still looking into this and its apparent ability to dispense with internal IT departments and instead opt to network via external service providers. For somebody who has a close working relationship with our IT manager, driven by weekly ‘can you take a look at this for me’ moments, I’m yet to be convinced that connecting to a virtual solution will be as pain free as the picture is being painted. I fear WAN may leave some us looking a little wan!
Douglas Haig | Vice chairman
Technology is obviously affecting the way we do things in all areas of business. Whilst it used to be a matter of streamlining a business and then it was the choice of the business owners whether it was worth investing or not, now it is much more about how the customer interacts with the business. The customer is now demanding quicker service, and notably, access to information instantly and at all times of day. Those business that are not investing in this sort of technology may find themselves limited as to what sort of new business they may attract in the future. Cyber security is of increasing concern and is no longer just about having a password policy in place. As hackers become more sophisticated and data protection rules become more stringent (and ever increasing fines for breach) it is essential businesses are aware of their vulnerabilities and how to plug them.
Liz Brookes | Director
Every business in the UK uses tech in one way or another; be it as simple as sending an email or as complex as your whole business being run on a customised CRM system.
The thing with technology is that it is forever changing and it is changing faster than ever! Making it harder and more expensive for companies to keep up. However, even though there are all these emerging technical advantages it doesn’t mean you must follow them.
In the events community, you hear a lot about how introducing Virtual Reality and Augmented Reality at your event will do wonders but if you have systems in place that work for you, your customers and clients do you really need to invest? Tech has its place in our business, checking out a venue for a client using a VR tour saves time and money on visiting the venue and is easy to share the experience with the client but I still believe there is a genuine need for face to face events.
It is understandable why cyber security is such a hot topic considering that it is becoming easier for people to get hold of data so the tech advances I would say to keep up-to-date with is tech surrounding data protection, protection of your customers and employees.
Graham Leslie Morgan | Managing Director
In my opinion the biggest thing to hit the SME world in the last 2 decades has been the march of digital technology and the opportunities and threats that this new world presents. Information is now readily available on demographics, income, wealth, habits and behaviour patterns as never before. This presents the perfect opportunity to be far more efficient and effective at connecting with current and future target customer that ever before. The millennial generation has grown up with devices and when they want something they will find it at the press of the button. Those Business Owners that have embraced this revolution are winning orders 24/7 365 days of the year and we are seeing different types of business grow exponentially as a result of more targeted marketing and the ability to place orders online. In support of this new world pursuit of perfection in customer service and delivering on promises is essential. One mistake in this new world and your brand can be hammered!
There are clearly constant risks that need to be mitigated from cyber crime, loss of data, compromise of payment records and compliance with changing legislation. An all singing and dancing website is a must! in this new age. It is and will be your shop window of the future and we all know if the window dressing is poor no one walks in. Investing and I emphasise investing in a digital strategy for your business is essential with clear plans to audit and review annually at least. Those businesses that embrace technology in all its facets will be significantly more successful than those that sit on their hands. Having an independent audit of where your business sits each year is the best way in my view to stay ahead of the game.
Matt Sutton | Director
Technology is currently advancing faster than any other industry in the world and as such, it is of vital importance that businesses stay on top of the tech curve. Embracing emerging technologies can be disruptive, particularly to smaller businesses who have less available resources to be able to adapt. However, not staying ahead of developments can be more disruptive in the long run and could see your business fall behind its competitors. It is therefore important to be agile to remain competitive in your respective field. However, it is also important to ensure that the technology you invest in is going to benefit your business in the long term and isn’t going to be a short-term fad. Above all, make sure you have a strong online presence, this will not only allow your clients to access your services from as many different outlets as possible but it will also give you a direct insight into how the market develops.
To find out more about our panellists or to look back at previous panel debates, click here.