Businesses are in dire need of upping their cybersecurity protocols.
Earlier this month, thanks to new GDPR laws, the Financial Conduct Authority fined Tesco Bank a whopping £16.4 million for failing to appropriately address a cyber attack in November 2016. The criminals made off with £2.26 million, leaving Tesco Bank in deep remorse and with a damaged reputation.
However, Tesco was not the only institution to be caught in a cyber fix; organisations like Dixons Carphone, Facebook, British Airways and Superdrug have all also fallen victim to data hacks. In fact, in the last year, 231,028 security breaches on British businesses were recorded, resulting in compromised finances and security of private information of thousands of individuals across the UK.
Ultimately, all this has shown is that there is a serious demand for the cybersecurity industry, which makes it hot opportunity for interested entrepreneurs.
So where is this threat coming from?
According to Ciaran Martin, the chief executive of the UK’s National Cyber Security Centre, the cybersecurity threat is a viable one, especially from politically opposing nations, not to mention other independent international cyber criminals.
He said: “…states and criminal syndicates huge damage to confidence in individual organisations and confidence to the digital economy as a whole.”
When major ransomware attacks like NotPetya and WannaCry have plagued not only the UK, but countries across the globe with the intent of invading privacy, damaging national infrastructure and manipulating political decisions, it becomes clear that the cybersecurity threat is not limited to the digital world, and can cause real harm.
“[The UK] may have some of the best operatives but they don’t have the only operatives and cybersecurity damage and harm can take many forms,” commented Martin.
This is exactly where businesses ought to be stepping in to regulate and protect themselves against the threat of an attack. Martin’s sentiments are echoed by cyber specialist Ewan Lawson of the Royal United Services Institute, who is of the belief that companies are less likely to care about where the attack came from, but rather what impact it has.
“They will just think about the effect on their business,” said Lawson, noting that reputation is a key liability in the event of a cyber attack.
It’s not to say that no progress has been made. Indeed, public awareness of the digital scandals has boosted business spending on cybersecurity technologies, and companies are progressively readjusting their priorities when considering cyber attacks. Evidently, cybersecurity has shown its worth as a profitable business venture.
Vincent Steckler, the chief executive of Czech cybersecurity platform Avast, noted that the industry had witnessed a number of positive developments and remarked: “Legislation and high-profile data breaches have led to an increased focus on privacy concerns and security risks amongst both consumer and business customers. We continue to see double-digit increases in global spend.”
The blame is no longer falling on just IT professionals; all departments are receiving training and being held accountable, and cybersecurity matters are taking precedence in the boardroom.
For 40 per cent of chief executives in the UK, a cyber attack is not a matter of ‘if’, but rather ‘when’, and believe that a top-down approach in leadership and cybersecurity protocols is the way forward.
“Too often, the tendency in cybersecurity has been to hire help so that it can be declared the problem has been taken care of. You wouldn’t expect that in terms of financial liability, you wouldn’t expect that in terms of the way you pay tax, or the health and safety of your workers,” said Martin.
And when it is anticipated that there will be a global deficit of 1.8 million skilled cybersecurity professionals by 2022, it is evident that matters need to be approached by all involved parties, and immediately.
To add to this, only a paltry 8 per cent of women are represented in the cybersecurity industry throughout the UK – a figure that slides down to seven in the rest of Europe. According to Brian Lord, the managing director of cybersecurity services company PGI: “The industry is killing itself by creating artificial barriers to entry for 50 per cent of the working population.”
Amending the working culture and training facilities to engage a wider proportion of society is a vital aspect of protecting businesses from imminent threats. Initiatives to improve education and compliance training are on the rise, bringing new investment opportunities to those wishing to enter the cybersecurity industry as a business venture.
From realigning priorities to training up all people across the board, the solution to the cybersecurity threat lies with people. After all, the danger is real, and businesses need to establish the relevant safeguards. – Business Sale Report