Organisations will need more than just technological defences in their fight against cyber risk.
That is the view of CNA Hardy cyber head David Legassick, whose statement comes following the release of the latest cyber breaches report from the Department for Digital, Culture, Media & Sport (DCMS). As reported by Insurance Business, the annual poll by DCMS found that 32% of companies in the UK identified a cyber security attack in the last 12-month period.
What’s worthy of note is that things have the potential to get worse, and Legassick has offered an explanation.
“UK and European businesses consistently cite cyber as a top risk facing the business,” noted the CNA Hardy executive. “In particular they are worried by the growing interconnectivity of cyber risk – how an attack can paralyse a manufacturing plant, shut down a global supply chain, put revenues of multiple businesses at risk, and undermine the reputation of many leadership teams and the brands they represent.
“Growing reliance on technology as part of the fourth industrial revolution is only going to exacerbate this trend.”
So what does a firm’s arsenal have to look like if it is serious in combating cyber risk? The answer appears to be something deep-seated.
“If businesses are going to stand up to the threat, they need to embed a strong risk culture in place where every employee from the boardroom down is aware of how they may be targeted – at an individual or a business level,” stated Legassick. “80% of attacks take the form of phishing precisely because it’s so easy for someone to click the link on an email, etc., or a social media feed.
“As attacks become more sophisticated it is the cultural defences as much as the technological that will help keep businesses safe.”