Is your recruitment business adequately protected against cyber-attacks?
RCSA Webinar on cyber security 1 May.
If you believe your business is too small to gain the attention of cyber criminals – despite the high volume of personal data you receive and store as a recruitment business – you may be leaving yourself open to a great risk of cyber attack. This is the opinion of Michelle Joosse, CEO of Hotline IT, presented of a free webinar for RCSA members on May 1 looking at the Cyber Threat Landscape: How it’s evolving & how to respond .
“I feel in general businesses are unprepared and under protected against the threat of cyber-attacks,” Joosse said. “They are far too complacent and trusting of their digital security.
“The recruitment industry in particular holds important privileged and personal data of employment candidates and contractors. If that is breached, it would be costly to defend and to repair trust.”
According to Joosse the biggest current threat to cyber security to a business is its staff who either have a lack of training about cyber security or have become complacent about it. Recent reports following the introduction of the Notifiable Data Breaches Scheme (NDBS) in Australia and the General Data Protection Regulation (GDPR) in the EU clearly point to user error as a key factor in data security breaches.
“The cyber criminals are always one step ahead and with all the protection in place, it only takes one person to click on a link in a dodgy looking email link to cause damage,” Joosse said. “Too many businesses think it won’t happen to them. But SMEs are prime targets and you could be leaving yourself vulnerable to attack if you have not covered all the bases.”
Joosse explained Hotline IT was offering the free seminar on cyber security to RCSA members because of the need to ensure members are educated about the potential risks and how they can protect themselves against them because of the volume of personal data they receive.
“We already work with a number of RCSA members, so feel that we have a great understanding of the challenges and pain points of the industry,” she said. “We feel the recruitment industry, with its share of personal data, is at a high risk of a cyber-attack and we want to educate members on what they can do to mitigate a successful cyber-attack.”
Joosse adds that hackers had already reached a point of sophistication where they are able to develop viruses and malware which businesses will be unable to protect against. Joosse says this is called the Zero Day Threat and is actually “very common”.
“This is why having systems that are able to query live security threat assessment systems is so important,” she continued. “Just having a firewall and antivirus is no longer enough. Having an Advanced Threat Protection (ATP) that is part of a worldwide security reporting system is so important. This means that anything that is found can be analysed by an AI service.
“If it looks suspect, it can be stopped just on it being suspect. It will then be further analysed and if found to be harmful, will be added to the list for all the systems to know about,” she explained.
While the motivations for hackers are varied and often hard to fathom, from a quest for money to simply showing they are smart enough to beat systems, the need for strong cyber security is clearly less difficult to understand.
Her top tip for businesses when it comes to combatting cyber security is simple: “Do not ignore it, do not think you are not a potential target,” she said. “Anyone is a target and the easier you make it, the more you will lose.”
Registrations for the Cyber Threat Landscape: How it’s evolving & how to respond webinar can be made here.