Yet another large corporation has fallen victim to the increasing threat from cyber crime — with telecommunications giant, TalkTalk, experiencing a large-scale cyber attack that subsequently put its own, as well as its customers’, personal data and information at risk.
Prompted by the ease at which hackers were able to obtain sensitive material from TalkTalk’s corporate network infrastructure; in the days after the hacking, several of the UK’s largest businesses entered talks with the government to bring about a change in policy surrounding the governance and security of corporate networks. One leading executive stated that “urgent action is needed” to tackle the threat posed by cyber criminals to businesses across the UK.
According to a recent Cabinet Office report, cyber crime costs the UK economy an estimated £27 billion a year — £21 billion of which is stolen from businesses in the form of intellectual property and espionage. This staggering figure demonstrates the growing threat of cyber crime to businesses big and small — not to mention the consumers who give these organisations their personal data and information in confidence.
Despite a rapidly growing number of cyber attacks, many businesses are yet to implement a robust security strategy to protect their data and their customers’ personal information from cyber threats. Indeed, in a recent article published by The Guardian, it was discovered that 90% of SMEs don’t provide adequate protection against cyber attack — leaving their systems extremely vulnerable to future threats that could wind up costing emerging entrepreneurs their livelihoods.
And it isn’t just small and medium-sized enterprises (SMEs) that are at risk from cyber crime — something made quite evident by the recent TalkTalk hacking. Given the adaptive nature of cyber criminals, it’s extremely difficult for businesses to protect their network from all vulnerabilities — no matter how big, small or well prepared they are.
According to The Guardian article mentioned above, cyber crime can cost SMEs anywhere between £65,000 and £155,000 in recovery costs, whilst large corporations are said to lose as much as £1.5m per data breach. Depending on the scale of the business, a single network security breach can mean the difference between staying afloat and going under.
Of all the recent cyber attacks to affect businesses and consumers, Shellshock has had the biggest impact — with recent reports suggesting that the malware has infected over 500 million devices across the globe. Types of cyber attack like Shellshock — or Bashdoor as it’s also referred to — are of particular concern to businesses, given the detrimental impact they can have on a company’s internal systems and data.
IT security experts, AVR International, advise that the key to protecting your business assets from a cyber attack such as Shellshock is to implement a robust incident response procedure — they said:
“In many cases with cyber crime, there are few things companies could do differently to prevent the attack from happening in the first place; what’s more important is how they respond to the incident. By ensuring that up to date patches are installed before and immediately after a security breach, companies can significantly minimise the damage caused by a specific cyber attack.”
As cyber attacks become more and more sophisticated however, it’s likely that more and more businesses will be affected by a threat at some point in the future. That’s why Matthew Webb of Hiscox Insurance suggests that all businesses should invest in cyber insurance, which will protect your business’ financial assets in the event of cyber fallout.
By Stephen Donovan, AVR