"The cyber threat landscape today is highly complex and rapidly changing. Cyber security incidents can have several impacts on organizations and society, both on a physical and non-physical level. Through the use of a computer, criminals can indeed cause IT outages, supply chain disruptions and other physical security incidents"
-- excerpt from the foreword of the BCI Cyber resilience report 2018 by David Thorp, Executive Director, BCI
There are a number of things you can do to protect yourself. And they range, as usual, from the fairly simple to the more elaborate and esoteric. Most companies can, with some common sense, if not close the door on most of these issues, at least prepare themselves to limit the consequences.
The report was compiled based on 574 respondents from 77 countries. Most importantly, two-thirds of them suffered at least one cyber disruption in the past 12 months.
The vast majority of of security incidents were caused by phishing issues, social engineering and malware. Followed at some distance by ransomware and denial of service attacks, singular and distributed.
The biggest effects of these attacks were IT and telecom outages, followed at some distance by reputational damage, loss of profits and supply chain disruption.
In the future however, we see that reputational damage, rather than physical or immediate financial losses will be the main disruptor to a company.
This means that senior management needs to pay attention more than the 57% of repondents that report commitment to this phenomenon.
Reputation is at the core of a company's ability to maintain a good relationship with its clients and to attract new ones. The financial repercussions of not paying attention to this can thus be severe.
Through the 2 case studies outlined in the report, the BCI comes to 5 conclusions:
The key to understand these conclusions is that Business Continuity starts much earlier than when the calf has drowned. Having solid policies in place with regards to life cycle management, people awareness and actual recovery does protect you against these events and gives you a good chance to come out on top when the breach happens.
This starts with clear communications to your teams about what technologies are supported, in which versions and when they will need to upgrade. This allows the people with the budgets to properly account for these mandatory updates and align them with the needed business functionalities.
In addition, communicating about your policies and showing clients helps with bonding them closer to you and it gives you a marketing advantage to attract new business.
If you want to know more about how we can help, please contact us.