The choices that characters make in scary movies can often seem baffling. Why do they never turn the lights on when entering the house at night alone? How come they always run upstairs and never outside when being chased?
These may be fictional scenarios we’ve seen on the screen many times, but real-world businesses are just as guilty of making the same poor decisions when it comes to securing sensitive data, and the consequences are all too grave.
So, where are businesses making the wrong moves when it comes to protecting their data?
Relax, we’ll be fine
The wrong move: One of the biggest mistakes businesses can make is assuming that they’ll be fine, and they won’t get caught by the bad guy. In fact, this is far from the case — it’s a matter of when, not if, a business is breached.
How to survive: Rather than walking down a dark alley assuming that they’ll be fine, businesses need to educate themselves on the threats out there and start taking a security-first approach. This starts from the top down — if the board isn’t invested, how can they expect the rest of the business to be?
Wait, where’s our data?
The wrong move: A common mistake many businesses make is not understanding where their data is stored in the first place. If they don’t know where their data sits, how can they protect it?
How to survive: With more data being stored in the cloud, the scope of where it could be is far greater than ever before, and it is more difficult to track exactly where it is. The first step a business must take before implementing any cyber security strategy is to conduct a data sweep. This helps a business understand what data it has collected or produced, and where the most sensitive parts are stored.
Let’s keep this a secret
The wrong move: Those who think that they won’t have to tell anyone if a breach happens are badly mistaken. Under new data privacy laws, any breach must be publicly acknowledged and reported to the authorities.
As well as trying to recover stolen data, firms are now vulnerable to a reputational hit with customers and a financial hit from regulatory fines.
How to survive: Businesses need to gain a deeper understanding of their responsibilities and the rights of customers. New regulations have moved the control of data from the business to the consumer, so there must be a concerted effort to ensure that the rules are being followed correctly.
The wrong move: A big misconception among business leaders is that their perimeter security will protect the firm and its assets. This isn’t true.
Much like in the films, if a bad guy wants to get through a door, they will do it (usually with an axe, like Jack Nicholson in The Shining). Once in, data becomes ripe for the picking.
How to survive: Instead of focusing on the perimeter, businesses must protect the sensitive data at their core. This means implementing simple, robust security protocols such as encryption and two-factor authentication. By encrypting data and securing access to it through authentication, any data that is stolen becomes useless to the hacker.
The cinema is a chance to experience a thrilling scenario that’s unlikely to happen in our world, but these scary situations are becoming all too real in business.
If they don’t avoid these ghastly mistakes, businesses could find that the nightmare situations of horror films are a bit too close to home.
Main image: Getty