Companies all over the world need to protect themselves from the growing threat of cyber attacks
By Gilbert Kamieniecky
The former chief information officer at the FBI, Chad Fulgham, once said: “There are two types of businesses: those who have been hacked and those who don’t know they’ve been hacked.”
During conversations held by global leaders at the World Economic Forum in Davos, Switzerland, there was a shock, not just by the limitless opportunities presented by technology, but also by the need for a clear awareness of the threats.
Companies across the board today can fall victim to cybercrime. Business companies’ concept of cyber security has evolved from a worry that was relegated to the back of the mind to a strategic area of focus.
According to PwC, global security incidents rose at an average of 66 percent per annum between 2009 and 2014. Perhaps more troubling is the 2013 Europol Serious & Organized Threat Assessment’s estimate that the total impact of cybercrime has risen to $3 trillion, a number larger than the annual GDP of the United Kingdom.
The increasing sophistication of attacks poses complex threats to companies, which in consequence, can suffer potentially devastating financial damage and mar a firm’s reputation.
Professional services firm Ernst & Young, (EY), notes that news outlets often report cyber incidents sensationally, causing a potential dramatic and damaging reactions from audiences.
However, in many cases, most of these attacks occur weeks or months before being detected.
On average, hackers go undetected for 205 days while 84 percent of organizations can be compromised within hours, making it even more vital for companies to have robust measures in place to prevent cyber threats.
Moreover, the regulatory risks are serious factors to be considered. For example, following the implementation of the EU General Data Protection Regulation, a new regulation—which is set to come into force within the EU in 2017-18—IT security robustness will be auditable and subject to mandatory risk assessments with fines of up to 5 percent of annual worldwide turnover for corporates who underperform against guidelines.
According to EY, cyber attackers are constantly switching tactics, improving their abilities and growing their capability, which has raised the cyber threat level to a new high.
As the threat landscape is growing and evolving, the cyber security industry is responding by becoming more sophisticated and developing innovative solutions to help firms protect themselves.
The global cyber security market grew to an estimated value of approximately €55 billion, ($60.06 billion), in 2014 and it is expected to continue on an upward trajectory.
Today, hackers are able to utilize smarter methods to take advantage of the growing digital systems within businesses.
With the use of mobile technologies, our personal lives are evermore intertwined with the Internet and our personal data is now at the fingertips of a swelling number of individuals, companies, governments and, of course, hackers.
As a result, there are numerous touch points whereby companies are particularly vulnerable to cyberattacks. These include employees’ access to social media, the unrelenting growth of cloud computing and outdated security controls.
As we have seen, no company or region is immune to cybercrime. In addition, cyber security is clearly increasingly high on global regulatory agendas. Companies should carefully assess their business needs, priorities and risks and devise a tailored security model to avoid possibly irreparable damage to their businesses.
The writer is a principal at Investcorp