What must businesses learn from the Yahoo data breach?


Data protection must be a priority for organisations.

Businesses of all sizes are being targeted by hackers and while we hear most about those affecting larger companies, many crimes affecting smaller businesses are left unreported.

SMEs are often viewed as an easy target by hackers because they lack the resources to implement robust data management systems and keep their defences up to date.

Left unguarded, these businesses are also more likely to go under if they are hit by a cyberattack, due to the reputational damage caused by such events.

>See also: Yahoo data leak: the biggest on record

With incoming EU legislation on the horizon in the form of the GDPR regulations, which will take effect in 2018, it is increasingly important that all businesses take action to protect their data or risk financial penalties.

Among the strategies that businesses can take to protect their data, they should consider using external specialists to test their website and data handling and storage systems on a regular basis.

>See also: Yahoo! loses privacy and data centre executives

They should also have contingency plans to implement in the event of a cyberattack, which should include a communications strategy and an action plan to protect customers and/or employees, such as a means of triggering a password reset.

Training employees and data handlers about the need to protect customer information can also help businesses to guard against phishing attacks.

>See also: Protecting your personal data from hackers

The business could also seek certification from the government-backed Cyber Essentials scheme to demonstrate that they have implemented data protection controls.

As the risk of cyber attacks grow, businesses must prioritise data protection by keeping systems under review and investing in measures to ring fence the value-rich information they hold.

Sourced by Stephen Hemmings, partner and head of technology at Menzies LLP

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...