Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 8 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Is the C-suite exempt from cyber-crime anxiety?

by The Gurus
May 24, 2018
in This Week's Gurus
Share on FacebookShare on Twitter

If recent cyber-attacks are anything to go by, cyber-criminals are capable of causing colossal damage to organisations of all sizes. With vital public services such as the NHS succumbing to attacks, it seems that nothing is off the table when it comes down to cyber-criminals deciding who to target. However, according to some reports, the C-suite isn’t sweating over the potential of an attack or the financial fallout if such an attack is successful.

 

According to one report covered by City A.M., just one third of businesses in Britain have a financial strategy prepared should they become the subject of a cyber-attack. What’s more, only half of companies actually discuss the possibility of a cyber-attack at board level, according to research from Lloyds Bank.

 

Business leaders must think beyond simply signing off budgets for safeguarding software and physical hardware. They must also consider the financial consequences of a potential attack, including the seemingly far-fetched but increasingly likely concept of paying a ransom to regain access to systems in the control of cyber-criminals, or to release data that cyber-criminals have swiped from their systems.

 

On the former, the survey suggests one third of companies would pay such a demand to unlock their systems. But aren’t you just opening the door to even more attacks in doing so? Even if you were willing to stump up the money, how much would you be prepared to pay and has this amount been insured for? Only a quarter of those surveyed by Lloyds Bank had policies covering such scenarios.

 

Though the problem remains that these ‘cyber insurance’ policies simply don’t cover everything – how could they when the threat landscape changes daily and it is an immature market for insurers? And when hackers have locked your systems and threatened to delete data if you don’t hand over money, the decision on whether to pay or not can be a tough call; risking huge reputational and day-to-day damage, even putting lives at risk in some cases.

 

You only have to look at last year’s NHS cyber-attack and the recent attack on the city of Atlanta’s servers to imagine the fallout and destruction that could ensue. Of course, the best form of defence is a proactive defence, especially when cyber-attacks are getting far smarter at outwitting the checks and balances many currently have in place.

 

The biggest source of infiltration by criminal malware is email and all it takes is one member of staff to click on a seemingly innocent attachment in an email that appears to have been sent from a known email contact. In fact, 74 percent of all successful malware and ransomware attacks find their way on to IT systems and to sensitive data through email attachments. Being that email is the lifeblood of organisations, it can’t simply be switched off to safeguard the business from attacks.

 

This does not mean your current security technology is entirely useless, but it does mean you must continually analyse its ability to protect you and ensure every border is protected. We’re still witnessing companies applying a one-size-fits-all approach to cyber security, as if it’s simply another tick-in-the-box exercise. This is a grave mistake. Every border needs innovative technology in place to keep threats at bay because the traditional anti-virus methods cannot keep up with the dynamic threat landscape that we see today.

 

But how often would a company run education sessions for employees to ensure they know what they should click and what they shouldn’t? The old adage of ‘if it looks too good to be true, it probably is’ still has value, but cyber-attacks are becoming even more sophisticated and clever at disguising themselves in realistic-looking documents and links.

 

Alongside this, it is reported that only one in 10 cases cyber-crime cases are actually investigated by police; leaving the door wide open for the problem to grow out of hand in the coming years, with crooks knowing they are likely to get away with it if they just try their luck. The power is firmly in the hands of the cyber-criminal.

 

The advent of GDPR regulation, coming into effect in May, also raises fears. It means enterprises face much larger financial penalties should they suffer a data breach. The recent compromising of 150 million MyFitnessPal accounts is just another example in a long line of such attacks, which are increasingly becoming everyday news.

 

It’s disconcerting to learn that just half of companies are discussing these issues at the most senior levels. The problem must be taken seriously rather than parked as something that ‘won’t ever happen to us’. Then it must be tackled head on – proactively rather than reactively.

 

Unless you are thinking proactively and embracing innovation to regularly close down attack vectors, you’ll forever be on the backfoot with potential fixes and patches, watching helplessly as cyber criminals race ahead with new and successful attempts to bypass them.

FacebookTweetLinkedIn
Tags: CybersecurityTechnology
ShareTweetShare
Previous Post

Solving the problem of insider threats to enterprise cybersecurity

Next Post

Malware Found in the Firmware of 141 Low-Cost Android Devices

Recent News

Cato Networks delivers first CASB for instant visibility and control of cloud application data risk

Cato SASE Cloud Named “Leader” and “Outperformer” in GigaOm Radar Report for SD-WAN

February 7, 2023
AT&T Cybersecurity grows SASE offering by adding Palo Alto Networks

UK second most targeted nation behind America for Ransomware

February 7, 2023
safe

Will Emphasising App Security Lead to More App Installs?

February 6, 2023
Phone with app store open

$400,000 Fine for Stalkerware App Developer

February 6, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information