Cyber Attacks Should Be The #1 Concern For Business Leaders

Every business is at risk of a cyber attack and these attacks and data loss are the top risks facing business leaders, with COVID-19 and the forced change in working practices serving to increase concerns.

Cyber risk is a broad concept that encompasses all risks that arise from the use of technology and data, has recently undergone a surge in prominence. 

This is in part because of a number of high-profile cyber incidents that have placed the issue of cyber risk to the forefront of public attention.

Cyber attacks should be the number one concern for Board Directors according to new research from McGill and Partners, the specialist re-insurance broker. 81% of board directors surveyed by McGill and Partners and NEDonBoard, the professional body for non-executive directors and board members, identified cyber attacks as the biggest threat that their business currently faces.

The number of large-scale cyber attacks has grown in recent years, with several high-profile examples making headlines across the world just this year, from the Colonial Pipeline ransomware attack in May 2021 to the T-Mobile data breach in August.

Despite an apparent lack of board-level input, it is undeniable that cyber risk affects practically every business. According to a survey commissioned by the British government, nearly nine out of ten large organisations have suffered some form of cyber security breach.  The cost of a major cyber incident is likely to be significant. For example, studies have shown that the estimated average cost of a data breach in the UK financial services sector is in excess of $4 million. 

In addition, the global shift towards a digital economy means that cyber security and the protection of personal data are subject to increased legal and regulatory scrutiny.

Cost is not the only factor that Board Directors must consider in regard to cyber attacks. On average it can take between two to four weeks to recover from an attack, with some businesses taking much longer to return to normal. This can have a significant financial and reputational impact for businesses unable to trade during these periods.

With more businesses embracing hybrid working, as well as an increasing amount of technology used across all sectors from manufacturing to healthcare the risk associated with a cyber attack is only growing.

There are measures that boards can employ to protect against an attack.

  • Cyber insurance can play a role, supporting businesses in the face of a threat as well as protecting the balance sheet. Well-crafted coverage, uniquely suited to the organisation can provide access to fully vetted, post-incident vendors aiding in the efficiency of the response.
  • Furthermore they should encourage the adoption of market-leading cyber security protections as a means to broader coverage and support board members in evidencing the organisation’s commitment to cyber security following an incident.
  • The impact of a ransomware attack on an organisation can be devastating.Business leaders and board members must be proactive to make sure that their organisation is prepared for such a ransomware attack. 
  • Every organisation should establish a plan to mitigate the risk of key people being unavailable in the event of a system failure. Keep a list of contact details for backup technicians. Document the configuration of hardware and software applications and keep this up to date so that a new technician can quickly rebuild the system.

While prevention is always the first priority, business leaders and board members should think hard about the  processes and procedures they have in place are good enough to ensure the business’ resilience when an attack takes place.

NCSC:     Norton Rose Fulbright:     IFAC:      Business Leader:    Insurance  Post:    Clyd&Co:    CyberGuard:

You Might Also Read: 

Directors Must Understand Their Organisation’s Cyber Risks:

 

« A Short Guide To Building Cloud-Based SaaS Applications
Multiple Location Supermarket Suffers Supply Chain Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Cybsecurity Foundation (CSF)

Cybsecurity Foundation (CSF)

Cybsecurity is a non-profit NGO, which aims to work on improvement of security levels in the Polish cyberspace.

Secure Identity Alliance (SIA)

Secure Identity Alliance (SIA)

The Secure Identity Alliance is dedicated to supporting sustainable worldwide economic growth and prosperity through the development of trusted digital identities and the adoption of secure eServices.

CQS (Certified Quality Systems)

CQS (Certified Quality Systems)

CQS is an organisation specialising in ISO assessment and certification, including ISO 27001, along with other management system standards.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

PlainID

PlainID

PlainID provides IAM teams with a simple and intuitive means to control their organization’s entire authorization process.

TokenOne

TokenOne

TokenOne is a Cyber Security software company that makes it easy to replace passwords, tokens and other forms of authentication with a more secure solution.

ISARA Corp

ISARA Corp

ISARA Corporation is a security solutions company specializing in creating class-defining quantum-safe cryptography for today's computing ecosystems.

Seltek Technology Solutions

Seltek Technology Solutions

Seltek provides Digital Forensics, eDiscovery, Cybersecurity Assessments and IT Support services.

London Office for Rapid Cybersecurity Advancement (LORCA)

London Office for Rapid Cybersecurity Advancement (LORCA)

LORCA's mission is to support the most promising cyber security innovators in growing solutions to meet the most pressing industry challenges and build the UK’s international cyber security profile.

InstaSafe Technologies

InstaSafe Technologies

InstaSafe®, a Software Defined Perimeter based (SDP) one-stop Secure Access Solution for On-Premise and Cloud Applications.

CyberArts

CyberArts

CyberArts is founded on the belief that every single organization deserves and requires the creme de la creme when there is a need for Cyber services.

Center for Research on Scientific & Technical Information (CERIST)

Center for Research on Scientific & Technical Information (CERIST)

CERIST is a scientific and technical research centre with activities focused in the area of networks, information systems and IT security.

Tutamantic

Tutamantic

Tutamantic develops software that reduces security risks and weaknesses during the architectural and design stages.

CYRISMA

CYRISMA

CYRISMA is a revolutionary cybersecurity platform that helps organizations manage risk without the usual headaches associated with enterprise cybersecurity tools.

D2 Network Associates (D2NA)

D2 Network Associates (D2NA)

D2NA help businesses deliver and achieve their goals, through innovative IT solutions, robust cyber security services and proactive IT managed services.

Jit

Jit

Jit empowers developers to own security for the product they are building from day zero.