While business executives continue to grapple with uncertainty over Brexit, there is another persistent issue threatening corporate stability. From notorious data breaches like Facebook and British Airways to increasing suggestions surrounding Russian interference in the US election, security errors and heavy-duty cyber-criminals caused chaos last year, and in 2019, the stakes for protecting your company are even higher.
According to the World Economic Forum’s Regional Risks for Doing Business report, cyber-attacks are the fifth biggest risk concerning global commerce, so it’s no wonder cyber security is on every business leaders mind. While the cyber threat landscape continues to gain traction, with new pressures emerging daily, the ability to prepare, educate and collaborate can strengthen organisational resilience, and this durability can be the difference between those businesses that recover from cybercrime and those that fall prey.
Ransomware has quickly become one of the most infectious and feared threats in business, with predictions that there will be a ransomware attack every 14 seconds by the end of 2019. Data mega- breaches will continue to make the headlines, but to survive businesses must concentrate on how to manage and mitigate cyber-risk. Understanding new threats and not just established ones is key for a strong security posture, especially while the universal shift to higher levels of connectivity brings with it fresh problems. Innovation can be the lifeblood of business, but it can also come at a cost. Employing technology like cloud-based storage and the Internet of Things can threaten security, and businesses need assistance to successfully navigate this new terrain.
The Information Security Forum is a not for profit organisation that provide best practice methodologies, processes and solutions in cyber, information security and risk management and ISF members benefit from harnessing and sharing in-depth knowledge and practical experience. The Threat Horizon 2021 report published by the ISF, intended for business leaders who want to understand cyber risks and their potential effects, include some things to look out for over the next few years: 1) Digital Connectivity Exposes Hidden Dangers The development of IoT and automation generates new opportunities for businesses.
Yet, with additional connected devices comes new security risks across an organisation's critical infrastructure, which can expose flaws 2) Digital Cold War Engulfs Business: By 2021, the world will see a digital cold war that will significantly damage businesses 3) Digital Competitors Rip Up The Rulebook: Businesses will find competing in the digital marketplace increasingly challenging as they develop new strategies that test existing regulatory frameworks, allowing threats to grow in speed and accuracy Regarding the variety of cyber-security concerns last year – from compliance with the recently debuted GDPR to high-profile data breaches to the social media privacy scandal – it’s no surprise that the European Confederation of Institutes of Internal Auditing’s (ECIIA) Risk in Focus 2019 report found that organisations labelled cyber-security as their greatest risk.
ISF members can tackle this weakness and reduce threats by staying up-to-date and attending global workshops with industry experts. What are the main security and safeguarding issues lacking in organisations today? – Cyber security training: Employing technological solutions to identify malicious code is important, but educating employees on cyber risk is a key step. Since 2017, 88% of UK data breaches were caused by human error, not direct cyber-attacks, highlighting the inherent need for employee training to be factored into budgets and be prioritised by decision-makers – Shared knowledge: Collaboration is vital when tackling cyber security, and working across enterprises and industries can keep the private data of companies and individuals safer.
While it may seem counter-intuitive, working together can help pinpoint criminals and prepare organisations for the inevitable day when a disruption occurs, allowing them to respond quickly and appropriately – Understanding: The Cyber Governance Health Check report from the Department for Digital, Culture, Media and Sport and the National Cyber Security Centre found less than a fifth of boards at FTSE 350 firms had a comprehensive understanding of what impact a cyber incident would have, in spite of 96% of companies having a cybersecurity strategy in place The frequency and the financial consequence of cybercrime is on the rise, with the typical cost of a breach reaching £934,000.
With economic volatility and political uncertainly at an all-time high, enterprises are looking to cyber insurance, to help manage the risk. The cyber security insurance market is expected to reach $17.55 billion in 2023, up from $4.52 billion in 2017, according to the Global Cyber Security Insurance Market 2018-2023 report by Orbis Research. An increase in cyber risk awareness amongst high-level executives, the implementation of legislation regarding data security in emerging nations, a rise in cyber data breaches and an increasing adoption of cloud-based services, are just some of the factors driving this growth in the cyber security insurance market. According to the Federal Trade Commission, insurance should cover data breaches resulting in theft of personal information, cyberattacks on your data or your network, cyberattacks anywhere in the world and terrorist attacks. Companies can protect themselves through association memberships, insurance and on-going training in the years ahead. “Our 2019 M-Trends report shows that no industry is safe from these threats, which is why it is positive to see breach response times improving across the board. However, most attackers only need a few days inside an organization to cause costly damage so the battle on the front lines of cyber-attacks will continue for the foreseeable future,’ says Jurgen Kutscher, Executive Vice President of Service Delivery at FireEye, an intelligence-led security company. While it is clear cyber-attacks are here to stay, the good news is that companies recognise the threats they face and are discovering new ways to protect themselves, and associations like the ISF provide the support and expertise required to flourish. Businesses that are alert to new technologies and subsequent threats in 2019 will be best placed to make winning decisions. Cyber security is a universal business risk, not just an IT problem. To stay ahead, implement a strong risk culture, lead from the top and prepare your organisation for the risks ahead.
For more information on on ISF membership and services, please visit hpps://www.securityforum.or