Ten practical steps that businesses can follow to safely navigate the digital age and strengthen their resilience against potential risks are included in the BSE Guide to Cybersecurity released today.

As the authors of the Guide point out, Cybersecurity is an extremely important condition for businesses, as the breach of a company’s digital security affects its people, its business continuity, its obligations to the authorities and the law, its assets, its reputation, and even its network of partners.

Specifically:
– 43% of medium and small businesses that experience data loss do not recover.
– It takes 23 days per month to restore function after an attack.
– The recovery costs after a cyber security incident are 57% likely to lead to an increase in the price of the company’s products and services, affecting its competitiveness.
– 85%-90% of successful cyber attacks are based on human error, while the same attack can result in double or triple extortion.

BSE’s 10 practical steps for businesses to achieve strong cyber security:

1. Where does the effort begin?

The first step is to identify the weak points and evaluate the strengths of the business. It can be done internally or with the help of external partners, and forms the basis for the company’s cybersecurity action plan.

2. Where are cybersecurity actions focused?

A cybersecurity roadmap guides actions to upgrade systems, establish procedures and protocols for managing cyber-attack incidents, and raise awareness among business people.

3. Who is responsible for cyber security?

Responsibilities and responsibilities for cybersecurity are allocated within a governance mechanism, which defines which processes are activated, who is involved and under which protocols they act in cases of incident response and data breach.

4. How do we protect equipment, data and systems?

With simple, but important actions (security of passwords and emails, security updates, etc.), aimed at monitoring and shielding connected systems and devices from malicious threats.

5. How do we protect the people of the business?

With exercises, seminars and briefings that cultivate a cyber security culture, which strengthens the resilience of the business and the constant vigilance of the employees.

6. How does cybersecurity relate to business continuity?

A cyber attack is a business risk, and a comprehensive business continuity plan foresees a cyber risk response scenario, but also identifies proactive actions to quickly recover the business in the event of a hit.

7. And if the business eventually falls victim to a cyber attack, how does it recover?

By activating the incident response plan, which provides for ways to manage the incident, limit its effects and recover from it.

8. How do cybersecurity certifications help the business?

Regulatory compliance with international and European standards and certifications translates into systematic adherence to reliable levels of cyber security and data protection, and reflects the company’s commitment to good corporate governance practices.

9. How can the damage from a cyber attack be limited?

Cyber ​​insurance is a comprehensive service for managing and financing cyber risk incidents. Cyber ​​insurance products offer a safety net for financial losses, mitigate the risk of damage to corporate reputation, and familiarize businesses with managing the increased responsibility that comes with managing large amounts of customer data.

10. Are the company’s customers and suppliers at risk?

Yes. Cyber ​​protection steps along the supply chain and the adoption of harmonized cyber security practices are needed to avoid exposing everyone to cyber risks.