Companies are largely unprepared for an assault by hackers and are failing to properly mitigate the risk of cyber attack
NTT Com Security’s Risk:Value 2016 report reveals only 45 per cent of UK business has any kind of insurance to cover the financial impact of data loss or a security breach. However, 37 per cent admitted that poor security could invalidate that cover. Which begs the question why are so many organisations unprepared for a serious cyber attack, given a quarter are expecting one to hit them in the next 90 days?
That the threat-scape has evolved from hackers looking for notoriety into a well-organised, and highly profitable, criminal enterprise is beyond debate. Yet many organisations still perceive cyber security as a technology issue rather than a business matter. “This asymmetrical nature is why cyber security must have input at a strategic business level,” says Greg Sim, chief executive at Glasswall Solutions.
“Risk mitigation should be integrated into core business processes, as opposed to being an afterthought in which only the bare minimum of managing, and not solving, the impact of a breach is done.”