Opinion: Mitigating cyber-risk begins in the boardroom
Large-scale cyber-attacks have become the new normal and the risks to governments and businesses are growing and significant.
Late last year, Target Corporation, the second largest discount retailer in the US, suffered a huge security breach that compromised around 40 million credit/debit cards. Target’s stock fell almost 14% within months. The breach also hit consumer sentiment, dragging profits down by 46% year-over-year in Q4 2013. The retailer has incurred expenses of $146 million since the news broke.
The cost to any victim of an attack that has been splashed across international news websites is huge. It is not only the cost of remedying the situation; it is also the cost of reputational damage.
Cybercrime can’t be prevented at the perimeters of today’s large, complex and global networks, and, unfortunately, companies need to abandon the illusion of 100 per cent IT security. Sophisticated cyber-criminals have rendered traditional perimeter defences such as proxies, firewalls, VPNs, antivirus and anti-malware tools ineffective.
Companies now need to detect threats inside the firewall, as they develop. In today’s threat landscape, organisations face extremely sophisticated intruders who continually upgrade their capabilities, the means by which they penetrate networks and the ways they conceal their work once inside, as well as insiders who abuse their access rights to manipulate and steal data. Attacks often remain undetected until it is too late.
On average it takes 230 days before a breach is detected, and by then the damage is done and in some cases it is irreparable. If an attack is detected early, however, the consequences are far smaller than after six months have passed. By responding quickly if and when an alarm is sounded, an organisation has a much better chance of preventing the compromise or loss of critical information. Early detection gives the company valuable time to respond, investigate any unusual activity, counter the attack, reduce its impact and protect against repeat attacks.
But responding quickly is only possible if boards act before an attack to understand the risks their company faces.
The key is to adopt a governance-led, information-driven approach to managing cyber-risk. Directors need to understand how threats are evolving, evaluate the degree of risk at any one time and set strategies for countering attacks.
Information-driven cyber intelligence allows directors to assess, manage and minimise the risks. By identifying and characterising cyber threats, and by assessing the vulnerability of critical assets and operations to specific threats, companies can better identify ways to reduce those risks and strategically prioritise risk reduction measures. They can plan clearly for the likelihood and consequences of specific types of attack, and so better manage and minimise the risk.
We live in an age of constantly changing and evolving risks for businesses. Boards need to adopt a proactive approach to protecting their companies, systems, processes and data. It is not about higher and stronger fences, but about building better and smarter tools inside your barriers that can detect, identify and manage cyber-risk, so as to quickly mitigate potential threats, preserve data and ultimately protect your company’s reputation.
Wynyard Group develops risk management and crime-fighting software used in investigations and intelligence operations by government agencies and financial organisations around the world. Wynyard solutions help solve and prevent crime, defend against cyber threats and counter terrorism, and its software platform combines big data, advanced crime analytics and tradecraft to identify persons of interest, stop offenders and protect victims.