Cyber security: 5 things recruitment businesses should know
How clued up are you and your team on cyber security? Do you know your malware from your phishing scams? Cyber-attacks are an increasing threat to all types of business, and recruitment firms are an attractive target because they hold lots of sensitive data that criminals would love to get their hands on. So what can recruitment agencies do to protect their businesses while working in an increasingly online world? Read on to find out the top 5 things we think recruiters should know about keeping safe online.
- Human error is reportedly the biggest reason for cyber-attacks and failures in cyber security
Operating systems, websites and software are increasingly built with tighter and tighter security features. This means that when things go wrong, it’s often down to human error. The things that you or your colleagues do – or don’t do – can be the weakness that lets a cyber criminal mount a successful attack. This could be things like:
- Not using strong passwords, or using the same password for everything.
- Unwittingly downloading a file that contains malware.
- Sending emails to the wrong address, or forgetting to BCC.
- Not installing security updates to operating systems or programs.
- Responding to phishing emails, fraudulent texts or phone scams.
No one wants to be the one who makes a mistake that puts the confidential data of your clients at risk, or causes the company to be defrauded of thousands of pounds. That’s why up-to-date cyber security training is a must for everyone in your recruitment team.
- Cyber-attacks increased through COVID
The pandemic changed the world of work and sent many more day-to-day recruitment tasks online. So it’s perhaps unsurprising that cyber-attacks increased dramatically during the COVID-19 years. The Financial Times reported that 30 billion data records were stolen in 2020 – more than in the previous 15 years put together! The shift to cloud-based storage systems, the increase in remote working and scams that targeted people’s concerns about COVID, all contributed to this rise in cybercrime.
- A breach of cyber security can have a massive impact on your business
It’s not only the loss of data and breach of regulations that recruiters have to worry about with cyber-attacks. Being a victim of a cyber scam can have huge financial implications for businesses – and can often force businesses to close down and be unable to work while the damage is fixed. For example, ransomware attacks can lock your systems and data until a large sum of money is paid to the criminals. Other attacks can compromise client data, and force you to have to work to put this right and fix any vulnerabilities before you can return to normal business. High street discount bookseller The Works was forced to temporarily close 5 stores earlier this year due to a cyber attack. Interruption of business, loss of staff time and reputational damage are all risks of being victim to a cyber-attack.
- You can make sure your company is protected
It’s not all doom and gloom though – the good news is that there are plenty of things you can do to help protect your staffing business from the threat of cyber crime. Some of the steps we recommend to recruitment companies are:
- Regular staff training on cyber security.
- Have a cyber security process and business continuity plan so that everyone knows what to do in the event of a breach.
- Be alert to signs of scam emails, texts and phone calls – update your team about common or new scam tactics regularly.
- Consider setting up a verification process for dealing with changes to client or contractor data, and access to bank details, to ensure no ones’ information gets into the wrong hands.
- Look after your data – make sure it is securely stored and that there’s a recent back-up available.
- Update all systems regularly.
- Use strong, unique passwords and don’t share them around the office.
- Cyber insurance can be a vital back-up
Cyber criminals are often operating as part of organised gangs and it’s almost impossible for businesses, however savvy they are to the risks, to stay ahead of their tactics. While the steps described above might help close some of the most commonly exploited loopholes and vulnerabilities, the risk of an attack will still remain. That’s where cyber liability insurance comes in – a policy that’s there to protect recruitment businesses in the event that they experience a breach or attack. This will cover both first-party and third-party assets, offering financial compensation for business interruption costs, the cost of hiring IT experts to put right your systems and recover your data, and ransom costs. It will also offer cover for regulatory defence and penalties if the authorities think you haven’t fulfilled your obligations. Get in touch with Kingsbridge and we can help you get sorted with the right cover. You can also help your contractors get protected too, with our cyber liability insurance for contractors.
Cyber crime is an ever-present and growing threat to recruitment businesses, but with some simple steps to protect your recruitment business, it needn’t be a worry. Now, time for you to go and change those passwords!