Few business threats are as complex or difficult to guard against as cyber crime.
The pace at which technology advances means online threats constantly evolve. This, sadly, requires a perpetual evolution of technical and operational resilience to guard against the threats that exist as they emerge.
Types of incident
Despite the plethora of ways in which cyber crime can be perpetrated, the threats fall into four main categories:
- Data extraction – where information is taken from a business and used for a collateral purpose, such as blackmail, gaining a competitive advantage or sale to a third party.
- Data destruction – where critical documents or emails are destroyed at source.
- Data manipulation – where information is manipulated to suit a particular outcome e.g. changing legitimate payment details to divert funds to a fraudster.
- Data denial – where electronic systems are brought down by a denial of service attack, which overwhelms the system and prevents access to it; or a ransomware attack which encrypts all of the files on a network and demands a ransom for their release.
The effects of an incident
The effects of a cyber attack are varied, ranging from diversion of funds or data theft to a complete inability to access online or electronic systems.
They can also take the form of a denial of service attack (which overwhelms a network temporarily blocking access to it) or a ransomware attack (which encrypts key systems and demands a ransom – typically payable in cryptocurrency) for the release key.
Cyber incidents inevitably bring with them some degree of business interruption. That disruption typically takes the form of:
- Complete operational failure – through inability to maintain any "business as usual" activities;
- Lost profits – through a combination of an inability to trade and associated remedial costs;
- Regulatory fines – imposed by the ICO or otherwise in respect of any data that is compromised;
- Litigation – losses arising through an inability to fulfil contractual obligations;
- Reputational damage – following the publicity surrounding any cyber incident encountered.
Despite the wide range of negative consequences flowing from an attack, the good news is that much can be done to proactively guard against cyber risks.
Every organisation should carry out a comprehensive risk assessment to identify its most valuable assets and assess the specific risks that would arise from those assets being compromised.
Incident response plan
It is imperative that a business takes the appropriate steps to put an incident response plan in place.
Investment in establishing an effective incident response plan brings with it many benefits including improved resilience, a greater chance of achieving business continuity and a reduction in the financial impact of a cyber attack.
Employee education and awareness
Another key proactive step businesses can take is to educate staff of the risks presented by cyber crime and raise awareness of the various cyber scams that exist from time to time. This often improves the detection and avoidance of potential threats.
Regulatory and compliance governance
All businesses must be aware of the various regulatory requirements that are required to be observed in the aftermath of an attack.
Being seen to take the appropriate steps in the aftermath of a cyber incident can often be used to mitigate any penalties which might ultimately be imposed by regulators.
Network and IT security
All organisations need to take the appropriate steps to ensure that networks and infrastructure are protected against both internal and external attacks. In most cases, this is a balancing exercise and a cost benefit analysis will be required to be undertaken to determine what steps are appropriate in the circumstances.
Despite the wide variety of policies available, cyber insurance can substantially reduce the costs associated with managing and recovering from a significant cyber incident.
Cyber crime is here to stay. It is incumbent on all businesses to take the appropriate steps to ensure that any cyber threat faced is capable of being overcome.
With a little proactive diligence and the right advice, most organisations can implement appropriate safeguards which greatly improve the prospects of avoiding all but the most sophisticated cyber attacks.