3. Describe the consequences and implications of inadequate cyber security (AC 1.3)

Without adequate cyber security practices you'll never be without a problem. You will always have something to worry about. A successful cyberattack can your halt your business to a standstill. If done well, you might loose all your funds, sensitive details about your employees, customers, business partners, and to top it all off, you might find yourself fined with a regulatory fine for not storing your information correctly. With no money, and the fact you've lost sensitive information, your reputation goes. Cyber attacker can be after many things such as:

• Industrial information

• Intellectual property

• Personal information

• Health information

• Sensitive data

Loss of any or all from this list can be further damaging to you financially, reputationally or you can face legal consequences. Economic costs for an individual Most threat actors are after money.

• They can either sell the data

• use it in phishing attacks

• use directly to steal money.

Economic costs for an organisation Same threat as for an individual but with added risks. On top of all of the above, if there's been a breach to your organisation.

• Loss of business or contracts from reputational damage

• Downtime of servers can mean your business might not be able to take any orders

• Company's secrets, such as how to make Coca Cola

Legal consequences If your business has been attacked and sensitive information got into the wrong hands. You could be fined. Data protection and privacy laws require organisation to manage the security of all personal data they hold. If you have failed to use appropriate security measures to store data you could be fined! Fun website: Check if you email has been in a data breach(My email address has been in 4 data breaches lol)