Are you Cyber Security Aware?

08 October 2019

We were asked to independently review a client’s systems because they had identified some concerning discrepancies in their invoicing and receipts systems.

A customer was showing up in their system as having an overdue invoice, when the customer was contacted they insisted that they had received the invoice and made payment. Before we did anything, we asked them to consider whether they might have suffered a security breach. They identified a staff member who had sole control over invoicing and receipts, a clear security risk and initially sparking suspicion.

Acting upon BDO’s advice, the client hired an independent consultant to review their system and found that their email had been hacked by an external party and there was a breach in their IT systems. Someone had intercepted the invoice, changed the bank account number and received the customer’s payment. 

Cyber security is an important issue and you ignore it at your peril.  Apart from the risk of direct financial loss there is the inconvenience of sorting out the problem including potentially changing your company email address and advising all your customers.  This can be very time consuming and there is the risk to your business reputation.  It is better to be vigilant and make sure your systems and processes are robust. 

There’s no absolute guarantee of cyber security but there are some steps you can do to lessen the risk:

  • Make sure you back up your data and keep it in a safe separate location.
  • Keep your software including apps up to date – updates often include fixes for security problems.
  • Choose secure passwords – a password manager is a safe and secure way to store your passwords and means you only need to remember one log in.
  • Use two step authentication wherever possible
  • Install antivirus software and scan your system regularly
  • Consider cyber security insurance

Download our latest Cyber Security Survey results to find out what threats are facing your industry and benchmark your cyber efforts against your peers to assess how prepared you are.