Why Business Cyber Attack Security is Paramount
By Mark Phillips ¦ Blog.TotalAV.com ¦
Countless corporations fell victim to cyber attacks last year, a fact made very public by international headlines. Ransomware attacks – essentially malware that holds a system’s data hostage until a ransom is paid – soared to 4000 per day through 2015 to 2016, according to the U.S. Department of Justice.
Although the statistics are clear for all to see, most companies continue to underestimate the risk and severity of a cyber threat. The EY’s 19th Global Information Survey 2016-17 revealed that, of the 1,735 global executives and IT leaders surveyed, a mere one in five considered IT security in their strategy preparations.
With hacking on the rise and prevalently hitting tech headlines, this kind of complacency is completely baffling. According to the Ponemon Institute, the average cost of cyber attacks to companies worldwide is tipped at close to $10 million. In addition to the financial damage, there is also the threat of reputational damage from a security breach.
Vickie Papapetrou, the director at EY’s EMEIA Cybersecurity Centre of Excellence, confirmed similar concerns. “If companies are not identifying, understanding and evaluating the impact of cyber attacks, the nature of the risk will remain unknown and understated, limiting the ability to respond in a timely manner.”
Sometimes complacency among company leaders is not solely to blame. According to the EY’s survey, almost one in three respondents said a lack of awareness among executives was detrimental to cybersecurity preparations. In other findings, only two in five respondents said their boards had ample information to evaluate cyber risks. Most worryingly, a dismal one in ten businesses properly evaluate the impact of data breaches.
Organizations of the modern world are now undeniably vulnerable to hacking, and that threat is both real and ever more likely to strike. Criminal organizations, nation states and hactivists are just some of the major perpetrators associated with cyber attacks. According to Papapetrou, principle methods include phishing, malware, web-based attacks, malicious code, botnets and social engineering.
“Ten years ago, a hacker was someone sitting in a basement having fun,” Papapetrou commented. “But now nation states and criminal organizations are recruiting and training smart people from universities, paying them large sums of money to join them in their malicious activities.”