Editor’s note: this article was written last year in conjunction with RiskLogic’s Cyber-Awareness campaign. We are re-publishing for 2017’s Cyber awareness month.
The Business Continuity Institute brings you another year of stats to help really put into perspective what the issues facing organisations are. Here is a break down of the 2016 Cyber Resilience Report. These numbers were researched and put together by Senior Communications Manager, Andrew Scott CBCI.
As I mentioned last week, BDO had stated in their cyber awareness workshop that one organisation would receive on average 17,000 attacks in 2016. By 2020, this is going to cost companies a staggering $3 trillion USD.
The frequency of these cyber incidents demonstrates why it is important for organizations to have plans in place to mitigate against these kind of threats, or to lessen their impact.
This has clear implications for the time taken to return to business as usual, and the ultimate cost of the incident to the organization.
Even if organizations wish to respond immediately to a cyber attack, the nature of the attack may render them unable to do so.
All these forms of attack will, in different ways, render an organization’s own network either contaminated or inoperable. An example of a company in New Zealand who a few years ago disappeared off the face of the earth reiterates this.
They had realised one afternoon someone was in their system, just sitting there waiting (which can be more worrying than if they’re actually attacking). The organisation took the first meaningful step and completely disconnected the whole business. 150,000 customers were contacted to change their passwords. Over two weeks the IT team rebuilt the company up from scratch. Confident that no hacker could get back into something completely rebuilt like this, they gained the stakeholders trust and invested millions into fixing this as soon as possible. On a Friday afternoon at 4:30pm, the business was ready to switch back on. Once they had, their CIO had been informed that the hacker was there again, waiting, back in the systems. His inevitable attack lead the company to loose a further couple of million dollars and send them to bankruptcy.
David James-Brown FBCI, Chairman of the BCI, commented: “This piece of research is one of the most timely, insightful and relevant the BCI has ever produced. Cyber attacks tend to target the weakest links of an organisation, and this calls for a greater awareness of ‘cyber crime’. As the cyber threat evolves, it is crucial to stay on top of it, building long-term initiatives and regularly updating recovery plans.”
Rickie Sehgal, Chairman of Crises Control, said: “Rapid communication with employees, customers and suppliers is vital for any company in terms of responding effectively to a major business disruption event such as a cyber attack. When your business is at risk, even a one hour delay in responding to an incident can be too long. Taking more than two hours to respond, as almost half of companies do, is just unacceptable.”
RiskLogic offers a comprehensive training course on cyber resilience and how your organisation can remain prepared and secured for when an attack occurs. Our experienced and credible consultants are well prepared and ready to assist you in your cyber journey. Contact us now to arrange your obligation free consultation.