The Facts Behind the Attacks
Dependency on technology and network connectivity is expected to remain one of the most likely risks to businesses in 2017. Cyber-attacks are time consuming to manage, costly to remediate and can be catastrophic to a firm’s reputation. It is a looming dilemma for businesses and must be brought further into the corporate limelight. Currently, only a few companies can quantify how great their risk exposure is, which severely limits how they can protect themselves.
SME’s should be aware that they will face growing cyber threats in 2017. Statistics by the RSA group show only 9% of UK SME’s have insurance to protect themselves against cyber threat. This clearly indicates that an alarming percentage of SME’s are not taking the necessary steps to manage a cyber-attack. The digital climate is constantly rising and SME’s are becoming victims of cyber-attacks as they may not have the suitable cyber security protocols in place. Three Quarters of SME’s that were questioned stated that they believe their business doesn’t need cover and are not aware how it would protect their business.
The cyber world has seen a 29% increase in the total cost of a data breach and a 15% increase in per capita cost since 2013. The threats of cyber-attacks are becoming more apparent and it is estimated that there is a 26% probability of a material data breach involving 10’000 lost or stolen records. This could be detrimental to firms and can lead to the biggest financial consequence to organisations… lost customers. This long-term impacting consequence of a data breach can take years to regain the lost customers’ trust.
49% of UK businesses use external host services to host websites or email and to transfer or store data. Many firms are under the illusion that by outsourcing an activity it transfers the risk management process and liability to the third party. This is not the case, if it is your customer information then you are responsible for safely housing that information with the right hosting company. This is further resonated by the upcoming EU General Data Protection Regulation which is shortly to be implemented in UK Law to replace the Data Protection Act of 1998 which currently falls under the remit of the UK’s Information Commissioners Office (ICO). Some facts behind the attacks:
• The average total organisational cost of a data breach over the past 3 years is increasing – 2013 – £2.04m, 2014 – £2.21m, 2015 – £2.37m.
• The mean time to identify a cyber breach is 201 days and the mean time to contain the cyber breach is 70 days.
• Root causes of data breaches – 51% are a malicious or criminal attack, 24% are system glitches and 24% are human errors.
Organisations are still not adequately prepared for cyber-attacks and not even the most highly resourced institutions have the means to eliminate cyber risks fully. Only 57% of businesses have been found to have sought information, advice or guidance in the past 12 months on cyber threats faced by their organisation. With threats of cyber-attack ever more present it is time that companies start the cyber security journey as soon as possible.
• Ponemon Institute – 2016 Cost of Data Breach Study: Global Analysis