The rise of the cyber attack

It feels like everywhere we turn, cyber attacks are at the forefront of discussions amongst the Resilience community and beyond. It is truly a hot topic within the industry at the moment, and for good reason.

In the recent Hiscox Cyber Readiness Report it was revealed that 3 in every 5 firms experienced a cyber attack within the last year a sharp increase from the year previous where this figure was at less than half.

Barely a day goes by where another breach is not reported.

Just what exactly are the factors causing this surge?

In this article we will look into the main reasons for the increase and what organisations should be looking to do in order to protect themselves in response.

Technology

As with so many of the developments we are experiencing in the corporate world, technology can be heavily linked to the changes we have experienced within cybersecurity in recent years.

We have the ability to choose from more digital tools than ever before both in software and hardware but this increase in choice unfortunately brings an opportunity for each tool to be compromised.

Businesses must progress their technical security efforts in line with this ever-changing environment, with an all-encompassing security strategy in line with the firm's IT policy to include the various devices and programmes being utilised in their workplace.

Ways of working

The way in which employees operate is ever-changing. Bring your own device' policies and remote working schemes are being adopted by more and more organisations all over the globe.

Additionally, more people than ever before are choosing to log in to company systems outwith their core working hours. Of course, with all of these activities brings increased risks to security breaches. Organisations can no longer feel safe in the knowledge that they have covered security protocols on company property.

In a similar vain to the technology aspect we have just covered, this raises some cybersecurity concerns within corporations.

A report on BYOD and Mobile Security highlighted just that, with 39% of businesses stating that security was their major concern with the concept of employees owned devices being used within the corporate environment.

To address these concerns, organisations should work to cover everything that this involves.

This includes covering the plethora of different types of device that could be used by your employees, considering how you will cover staff leaving who have been using their own devices for work and taking into how to react if devices are compromised e.g. lost or stolen.

Knowledge

Another dominant reason behind the intensification of this type of interruption is an increase in knowledge.

Those behind the attacks are increasing their understanding of the ways in which firms can be targeted and are using this information to become more sophisticated in the way in which they are able to do so.

In the media just this week we were reminded of the colossal attack on UK telecommunications firm TalkTalk unveiled in 2016, as we saw the mastermind behind this charged and imprisoned for four years. This individual in question was just 16 when he carried out his first hack on a local college, and went on to attack corporate giants in Canada, Australia and the UK between the ages of 16 and 19.

This is not a unique occasion there have been several reports on cyber criminals as young as 9. Not only are more and more individuals both young and old becoming increasingly knowledgeable on how to conduct this type of activity, they are also sharing the information tools and tricks to support attacks and hacking are widely available online for anyone to find.

Police specialists are working tirelessly to determine the best approach on dealing with this sort of offender.

Crime and Cyber Security agencies work in close partnership to provide advice on ways to prevent young people falling into the trap of getting involved in this activity. They also work to promote and support businesses on how to protect themselves from an online perspective.

A further unconventional approach which has been seen in recent years has been to recruit these people into the cyber security field rather than reprimand them. The skills of such culprits can then be turned around and used for good rather than evil, helping to prevent and identity further attacks of the same kind.

Conclusion

There is no way to deny that cyber-attacks have been on the rise, and unfortunately look likely to continue doing so. Firms cannot ignore or get away from this issue, so instead need to be proactive in how they protect themselves.

A comprehensive BCMS will cover the two parts required for protection cyber security and business resilience.

Working through your BCMS will identify the risks and how to prepare for recovery should these incidences occur.

Our software walks you through the steps and ensures nothing is missed and is also aligned to ISO 22301, the official standard for Business Continuity (BC). This means that you will, by default, identify any need for cyber security measures when setting up and maintaining your BC Plans.