A group of around 15 members and guests listened attentively to Andrew Beckett and Will Scott-Gall from Kroll talking about data theft and data loss. Everyone attending probably became more and more reflective during the talk.
- How often have I logged into a wifi network without a password or one where I still had the password from my last connection? Not good!
- Did I check the credentials of the network I used?
- How often did I leave my laptop in a hotel room?
Practical examples of our daily life when using phones and laptops made it clear that data stored on these gadgets can easily be accessed by people who are a bit more technically skilled than the average user.
Companies' Risk Management has improved and a quick check with the audience showed that all companies represented that evening have guidelines in place in case of an emergency (e.g fire). We have been drilled what to do and what steps will be taken following an incident, including who will communicate what to customers, authorities and the media. None of the companies represented had had any such incident in the recent past.
Most hands went up when asked whether there were recent threats regarding data security or actual attacks such as phishing, smishing, unsolicited emails etc. Would any of the companies have a plan in place to react to such real and potentially fatal incidents? Today, a company's Risk Management and Communication Programme should include IT and Cyber risks as well. Management needs to be prepared to react promptly and effectively to protect stakeholder values.