Cyber Attacks: Survey Shows Increase In Awareness And Lack Of Planning
Cyber attacks have become commonplace in the world of business, particularly with retail stores like Target and Neiman Marcus, and according to a new survey of US firms, 82 percent believe the issue will continue with 38 percent expecting these attacks to grow even worse.
The reveal was part of a survey released on Monday that targeted 300 firms throughout the United States conducted by Surrey, England-based BAE Systems Applied Intelligence, a unit of BAE Systems P.L.C. Fifty Canada-based firms also participated.
Additionally, a separate survey included 110 UK and 51 Australian companies.
“The World Economic Forum has warned that the theft of information and the intentional disruption of online or digital processes are among the very top business risks that major institutions face,” BAE explained. “It also suggests, however, that improved cyber security could save the world economy trillions of dollars.”
BAE continued: “Recent high profile attacks have highlighted just how much cyber crime can cost vulnerable business; risks are growing as digital criminals become more adept, now employing a portfolio of attacks with the potential to damage national economies and radically undermine an organization’s ability to grow and innovate. Digital crime threatens to undermine not only an institution’s reputation but also its core competitive advantage.”
Think You’re Well-Equipped? Think Again.
In the US report, 87 percent said they were “well-equipped” to prevent targeted cyber attacks. (One has to wonder if Target was in the mix following the December data breach that compromised the personal information of more than 60 million customers.)
Forty-four percent of those surveyed admitted that advance intelligence about possible threats would help them mobilize against the risks.
But when BAE “drilled down into the results,” they found that “a potential danger of lack of real action at board level” still existed, indicating “the challenge may still often be seen as a technology problem alone, rather than something that must be tackled at CEO and board level.”
“The recent attacks demonstrate that there is no ‘silver bullet,’ and a combination of robust processes, and controls, user awareness and vigilant security operations all have to play a part in protecting the enterprise,” BAE Systems Applied Intelligence managing director Martin Sutherland said in a statement. “However, these approaches are only as good as the information used to implement them.”
Sutherland also warned that companies “will … need to develop holistic threat intelligence management programs supported by security platforms that not only provide the raw intelligence data but also the ability to process and analyze large amounts of complicated information as quickly and clearly as possible.”
The Global Report
In the global report — the UK- and Australia-based respondents — 90 percent of British businesses surveyed saw the number of cyber attacks increasing with a majority of major companies planning to increase their cyber security spending after recent attacks. “67 percent of UK respondents said organized groups of fraudsters now presented [the] greatest cyber threat.”
Also: “30 percent of UK organizations surveyed did not have, or were unaware of, crisis plans in the event of a cyber attack on their company. Of those respondents who did have crisis plans, 60 percent of UK respondents thought their companies’ plans were well publicized.”
Copies of both surveys are available here.
Companies are well aware that cyber attacks will be an ongoing risk in the future of business, but the new data reveals a deficiency in the preparation and planning over how to fight these problems. For starters, from the top-down, there is a misconception that cyber attacks are strictly a technology issue, rather than something that requires a multifaceted approach towards prevention. While it’s a positive that leaders are starting to think more about the problem, attention alone is no solution.