UK BUSINESS SHOULD BETTER PREPARE FOR CYBERCRIME THREAT
With cybercrime nowadays it is not a matter of ‘if’ but a matter of ‘when’. Preparation and prevention is key for business and employee welfare.
According to IT products and services provider Fujitsu only six per cent of corporate organisations believe cyber-security threats can have a major impact on the UK’s economic future. In its 2017 Threat Predictions report, the Fujitsu Security Operations Centre points out the biggest security risks to enterprises including not going through with basic security steps and attacks on banking applications.
Rob Norris, VP head of enterprise and cyber security EMEIA at Fujitsu, says, “With threats we face today only set to rise, all organisations in the public or private sector, no matter what shape or size, are vulnerable to a cyber-attack. With the ripple effect of an attack no longer within the four walls of an organisation, businesses need to rethink their approach and stop defying cybersecurity practices.”
Furthermore, according to the National Cyber Security Centre report, cyber-attacks against companies in the UK have increased over the last year with companies being threatened by ransomware, data breaches and theft from cloud storage. Between October 2016 and the end of 2017, the NCSC recorded 34 significant cyber-attacks and 762 less serious incidents. An example of this is the WannaCry ransomware attack in May 2017 when 300,000 devices across 150 countries were affected, affecting services worldwide, including the NHS.
Ciaran Martin, head of the NCSC, says, “The NCSC’s aim is to make the UK an unattractive target to cyber criminals and certain nation states by increasing their risk and reducing their return on investment.”
The NCSC report also focuses on the spread of the ‘Internet of Things’ (IoT), which includes the interconnection of household appliances and other devices. With the number of devices connected to the Internet constantly growing, it is the perfect opportunity for cybercriminals to use the IoT for their attacks. According to the report, “The research company Gartner predicts there will be 11.2 billion things connected worldwide by 2018. Many internet-connected devices sold to consumers lack basic cyber security provisions. With so many devices unsecured, vulnerabilities will continue to be exploited and used for activities without the user’s knowledge.”
Cloud security is also a topic of discussion with the NCSC report, warning the public that with more companies keeping their data in the cloud, they become an easy target for hackers. The blind trust corporate organisations have in the cloud can be proven dangerous, but there are several way to mitigate the impact of cybercrime. Starting with the basics, often updates to business software is key to ensure they are one step ahead of the potential cybercriminal.
In the fight against cybercrime education can be the strongest defense. Getting employees and managers educated on cybersecurity can have a positive effect on the company’s digital security. Obtaining a Cyber Essentials Certificate can also be a good first step. Cyber Essentials is a UK government scheme encouraging organisations to adopt good practice in information security and includes an assurance framework and a simple set of security controls to protect information from threats coming from the internet such as strong passwords and encryption technologies.
If everything else fails, a good crisis-management plan could be a life-saver. The communications team can play a decisive role by having a crisis management plan and updating it frequently. Furthermore, having a designate crisis management team that is properly trained, conducting exercise to test plan and team and pre-drafting messages can save the day if needed.
Awareness is the biggest weapon against cybercrime. The losses a company can suffer are both direct and indirect, with many businesses mentioning downtime or productivity loss.
For more from Communicate magazine, follow us on Twitter @Communicatemag