By Jim Wheeler, Director Cyber Operations
Have you ever sent an inadvertent email to someone? It’s like the next generation of pocket dialling error. You are halfway through an email on your phone when the train carriage hits a bump, thumb slips, and whoosh! Your email is off, half-baked, to its intended recipient. Add sensitive data to the mix and the effects can be life changing.
In September 2015, a sexual health clinic in the UK sent out a group mailshot to 730 of its 780 registered email addresses but entered their email addresses into the "To" field and not the "BCC" field. The data leak meant that all recipients saw all the email addresses which unfortunately led to great upset and understandable distress.
Once a leak like this is out there is no going back. No Ctrl Z, no "it will blow over". The subsequent fine by the Information Commissioners Office (ICO) was £180,000. These information leaks are digital which means they are a perfect replica of data which can be stored forever with no degradation.
So what could they have done differently? Here are just two areas that could help and aren’t cost prohibitive.
The devil is in the detail
Ensure the correct type of policies and procedures are in place for each mailshot. This might not sound very exciting but believe me, this is the nuts and bolts of making sure we keep sensitive data secure.
Education for all
Employees from board to workforce, need to be educated on the threats and risks of cyber security. Not every data breach is down to a hooded teenager in a dark room with a green computer screen.
Don’t know where to start tackling these issues? Need assistance in securing your data, networks and business? Contact PGI. Our cyber specialists are passionate about education and improving your cyber security.
Some solutions are more affordable than you might think. Education could have helped to avoid that £180,000 fine for example.
A great place to start is http://pgicyberacademy.com/courses/executive-cyber-awareness/