Cyber security needs to be taken seriously. If your organisation doesn’t have a joined-up approach to protecting your networks and data, it needs to develop one – and fast. Cyber security training is one part of it. Working in tandem with your IT resource – or even considering using the services of specialist cyber security consultancies – is something you need to be planning as a matter of urgency, if you are not already doing so.
The problem is not going to go away. US technology company Neustar specialises in data and analysis for commerce on cyber security and risk. It has recently published its International Cyber Benchmarks report.
Its chief findings are that system compromises and ransomware are of the greatest concern to companies and organisations – a fifth of all respondents identified both as their primary concerns.
Denial of service (DDoS) attacks, where cyber criminals can flood your network with data requests causing it to freeze (thus disrupting the normal flow of business), come a close second, at 19%, with financial theft and compromises of intellectual property weighing in at 18% and 17% respectively.
Almost half of those surveyed (in the US, Europe, Middle East and Africa) say DDoS is a major concern, with 40% stating that their organisation had been subject to DDoS attacks.
Technology security specialist Josh Wardini estimates that by 2020, resources spent on cyber security software, services and hardware will have passed the US$100bn mark.
And technology journalist Warwick Ashford, security editor of Computer Weekly, says that security professionals now fear that Meltdown-Spectre attacks, an insidious type of breach that targets inherent security flaws common to virtually every computer chip manufactured in the past 20 years, are fast becoming the norm.
Neustar senior vice-president Rodney Joffe said that the report highlights the fact that cyber security is now an overwhelming concern to commerce.
“Security professionals are becoming more concerned about the level of threat to their organisations, because that same level of threat is continuing to rise at an extreme rate,” he said.
“As we have seen over the past year, there are more threats to be aware of, whether in the form of DDoS, malware, application layer attacks or something else entirely, leaving professionals confused about where the next attack is coming from.
“To successfully prepare for a cyber attack in today’s landscape is to accept that your organisation will be the next target. If you are online, you are susceptible to an attack. Whether you are most vulnerable or not is entirely up to you.”
As Joffe says, the power to protect your organisation lies in your hands.
Few systems will be 100% foolproof, but it’s worth using the bicycle lock analogy. If your bike is secured front and back with a state-of-the-art locking device, of course it is possible that criminals will find a way to overcome it to steal your bike. But the likelihood is that they will seek out assets with security that is easier to breach. A robust cyber security regime can mean that the criminals will look elsewhere for the low-hanging fruit.