Cyber Attacks Should Be The #1 Concern For Business Leaders

Uploaded on 2021-12-07 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

Every business is at risk of a cyber attack and these attacks and data loss are the top risks facing business leaders, with COVID-19 and the forced change in working practices serving to increase concerns.

Cyber risk is a broad concept that encompasses all risks that arise from the use of technology and data, has recently undergone a surge in prominence. 

This is in part because of a number of high-profile cyber incidents that have placed the issue of cyber risk to the forefront of public attention.

Cyber attacks should be the number one concern for Board Directors according to new research from McGill and Partners, the specialist re-insurance broker. 81% of board directors surveyed by McGill and Partners and NEDonBoard, the professional body for non-executive directors and board members, identified cyber attacks as the biggest threat that their business currently faces.

The number of large-scale cyber attacks has grown in recent years, with several high-profile examples making headlines across the world just this year, from the Colonial Pipeline ransomware attack in May 2021 to the T-Mobile data breach in August.

Despite an apparent lack of board-level input, it is undeniable that cyber risk affects practically every business. According to a survey commissioned by the British government, nearly nine out of ten large organisations have suffered some form of cyber security breach.  The cost of a major cyber incident is likely to be significant. For example, studies have shown that the estimated average cost of a data breach in the UK financial services sector is in excess of $4 million. 

In addition, the global shift towards a digital economy means that cyber security and the protection of personal data are subject to increased legal and regulatory scrutiny.

Cost is not the only factor that Board Directors must consider in regard to cyber attacks. On average it can take between two to four weeks to recover from an attack, with some businesses taking much longer to return to normal. This can have a significant financial and reputational impact for businesses unable to trade during these periods.

With more businesses embracing hybrid working, as well as an increasing amount of technology used across all sectors from manufacturing to healthcare the risk associated with a cyber attack is only growing.

There are measures that boards can employ to protect against an attack.

  • Cyber insurance can play a role, supporting businesses in the face of a threat as well as protecting the balance sheet. Well-crafted coverage, uniquely suited to the organisation can provide access to fully vetted, post-incident vendors aiding in the efficiency of the response.
  • Furthermore they should encourage the adoption of market-leading cyber security protections as a means to broader coverage and support board members in evidencing the organisation’s commitment to cyber security following an incident.
  • The impact of a ransomware attack on an organisation can be devastating.Business leaders and board members must be proactive to make sure that their organisation is prepared for such a ransomware attack. 
  • Every organisation should establish a plan to mitigate the risk of key people being unavailable in the event of a system failure. Keep a list of contact details for backup technicians. Document the configuration of hardware and software applications and keep this up to date so that a new technician can quickly rebuild the system.

While prevention is always the first priority, business leaders and board members should think hard about the  processes and procedures they have in place are good enough to ensure the business’ resilience when an attack takes place.

NCSC:     Norton Rose Fulbright:     IFAC:      Business Leader:    Insurance  Post:    Clyd&Co:    CyberGuard:

You Might Also Read: 

Directors Must Understand Their Organisation’s Cyber Risks:

 

« A Short Guide To Building Cloud-Based SaaS Applications
Multiple Location Supermarket Suffers Supply Chain Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Clearpath Solutions Group

Clearpath Solutions Group

Clearpath Solutions Group expertise covers virtualization and data storage technologies, networking, security and cloud computing.

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer is a global law firm with a track record of successfully supporting the world's leading corporations, financial institutions and governments.

Nubo Software

Nubo Software

Nubo’s Virtual Mobile Infrastructure creates a virtual corporate device on your employee smartphones and tablets. Enable unlimited mobility without leaving any data at risk.

Skurio

Skurio

Skurio create cost-effective, intuitive and powerful Cloud based solutions to identify threats, detect data breaches outside the network and automate the response.

Maticmind

Maticmind

Maticmind is an ICT System Integrator providing solutions and specialized skills in Networking, Security, Unified Communications & Collaboration, Datacenter & Cloud and Application.

CyberProof

CyberProof

CyberProof aims to give clarity and confidence to businesses worldwide using a new risk-based approach to cyber security services.

Nextcloud

Nextcloud

Nextcloud offers offers solutions to the combined need of security and ubiquitous access to data and collaboration technology.

UltraSoC Technologies

UltraSoC Technologies

Mayhem

Mayhem

Mayhem, by ForAllSecure, is a developer-first application and API security testing solution.

EVOKE

EVOKE

EVOKE is an award-winning Digital Transformation company that partners with its clients to build digital workplace solutions for organizational challenges.

Protected Media

Protected Media

Protected Media’s advanced cybersecurity ad fraud solution guards you against current and emerging threats across Connected TV, Display and Video advertising.

Probity

Probity

Probity Inc. is a certified software development and systems engineering company, providing support to federal government and national defense related clients.

Association of Azerbaijani Cyber Security Organizations (AKTA)

Association of Azerbaijani Cyber Security Organizations (AKTA)

The Association of Azerbaijani Cyber Security Organizations (AKTA) is a non-commercial organization aimed at strengthening the country's cybersecurity system.

BreachBits

BreachBits

BreachBits are on a mission to deliver world-class cyber risk insights continuously at scale in situations where knowing the true risk truly matters.

EasySec Solutions

EasySec Solutions

EasySec Solutions provides a cyber-security platform, based on a combination of the zero trust model and the software-defined security management.

Black Duck Software

Black Duck Software

Black Duck (formerly the Synopsys Software Integrity Group) is the market leader in application security testing (AST).