Following the recent news headlines surrounding the TalkTalk cyber liability case and increasing reports of cyber-attacks, the need to implement effective data security measures is ever more paramount and could prevent your club from becoming the latest victim of a cybercrime.
Golf clubs handle considerable amounts of data about their members, often containing sensitive personal information, which makes them an ideal target for cyber criminals.
Data security should be a fundamental part of your business strategy. Weak security systems could enable cyber hackers to compromise your network by stealing valuable data such as financial information including card and bank account details. Even data as simple as names, addresses and dates of birth are valuable to criminals and can be sold for the purposes of identity theft.
Golf clubs should take precautionary steps to protect themselves and their members from the threat of cyber-attacks by:
- Conducting a risk analysis to review the information stored on your network
- Determine who has access to the organisations IT systems
- Set up difficult passwords and to change these frequently
- Implement document classification to identify categories of confidentiality
- Implement security polices to advise employees on how to best handle confidential business data
- Disable USB ports
- Ensure data is encrypted
- Ensure security software is updated regularly
- Hire an IT expert to manage security systems and carry out regular network checks
- Store information in accordance with the guidelines of the Data Protection Act (1998 & 2003)
A cyber-attack could cause enormous disruption and considerable financial cost to your club. Failure to implement adequate security systems could see your club faced with negative consequences including, breach of customer confidentiality, non-compliance penalties, financial losses and compromised business reputation.
If your network has been compromised it is important you contact an IT specialist to secure your system from further intrusion by hackers. Seeking IT advice would determine the extent of the data breach and could help to minimise the impact of your losses. It is also essential you notify all those members whose data could have been affected so that they can inform their bank to further protect their interests. In addition, you may also be required to set up a credit monitoring service to ensure no further losses are incurred if the stolen data has been used by fraudsters.
Taking simple steps to change procedures on how data is managed can make your systems considerably more secure.
The insurance market is responding rapidly to emerging cyber risks. A good cyber liability policy, as well as protecting you against the financial cost of an attack, will also include expert advice and crisis management assistance to ensure your organisations reputation is protected. This can be provided by several companies including Perkins Slade who from 1st January will be providing all GCMA Members with a personal Legal Expenses Insurance policy as part of the membership benefits package.