The problem is that the risks don't go away and the bad guys are smart enough to know that organisations behave in this manner during such events!

We are beginning to see this turn around, but, as a result of this somewhat jerky ride, organisations are now battling to make up ground that has been lost and to resolve the uncertainties.Interestingly, during such crises, a lot of risk simply bubbles under the surface – which management is often unaware of. 

Uncertain times breeds insecurity and, in turn, we see people who still fear for their jobs, even though the downturn has eased. In uncertain times, opportunity sometimes turns honest people to the dark side which in turn poses a threat to the organisation for which they work.

In this type of environment, we often see usually loyal employees hang on to information that they see may become useful to them in the future.  

As with other risks, it is no longer enough just to have anti-virus software and firewalls in place.

There are new risks in play such as the vulnerabilities created by easy access to social media.

And there are the old challenges which haven’t gone away, such as the risks created by removable media and the like.

I work with some very security-savvy companies who are increasingly putting in place the principle of “least privilege”. This is where employees are allowed access only to the information they require to perform their job roles.

Such companies have realised the need for systems where your movements through a corporate network are recognised and recorded as part of a standard security structure.

Information is one of the most valuable assets that any organisation owns. It is at risk every day and must be protected – much like locking the door and arming the alarm at the end of each work day!

Jo Stewart-Rattray is Director of Information Security at RSM Bird Cameron.