Executive Grapevine | Executive Grapevine International Ltd

It seems that recruiters may be overlooking a critical factor that leaves them open to data breaches...

Not safe for work

When considering cyber security, many people think that having an up-to-date antivirus system installed on their computer is the only thing that they need to protect themselves from harm. But it seems that recruiters may be overlooking a critical factor that leaves them open to data breaches.

Dave Rogers, a Security Specialist at IT solutions provider, Evaris, told Recruitment Grapevine that the one thing that many companies fail to consider when it comes to blocking cyber threats is that their people are almost as important as the software they use. Employees themselves are a huge threat to a business’s security, as many attacks come in the form of attempts to coax staff into revealing passwords or financial information or opening dangerous attachments. 


And, he warns this should be a key concern for recruiters. “Cyber security is of the utmost importance for organisations in all sectors, but for recruitment firms - which typically store significant amounts of candidate and client data on their systems - it is vital to ensure a lot of thought is given to the protection of business data,” he said.

According to recent statistics from the Department for Digital, Culture, Media & Sport, 43% of small businesses and 72% of large businesses in the UK have already been affected by a cyber-attack. The increasing likelihood of such an attack means companies are taking cyber security more seriously than ever, with many adopting what is known as a ‘Zero Trust Model’ - assuming that someone is trying to access their systems at all times and protecting themselves accordingly.qswavc


Torsten George, a Product Evangelist at security software firm, Centrify, told Computer Weekly that a Zero Trust Model has four pillars - verifying users, validating devices, limiting access of privileged users wherever possible, and then applying machine learning to all these factors to step up the authentication processes wherever necessary.

While this may sound extreme it can be worth the effort, as the average cost of an attack to a business was found to be almost £10,000.

“Recruitment businesses need to do more to train each and every person in their workforce - the minute they arrive - to ensure they understand data management, protection and disposal best practice,” Rogers added.