Businesses are beginning to appreciate the enormity of the threat posed by cyber-attacks. Lloyds’ third annual Global Risk Index shows that business leaders now regard cybersecurity as one of the greatest dangers to their operations and prosperity. According to the Index, cybersecurity is now in third place on the threat scale, behind predictable standbys, like high taxation and loss of customers.
Click image to enlarge. Source: www.lloyds.com
What makes this news most remarkable is that cybersecurity was languishing in 12th place on the threat scale just a year ago. Business leaders now appreciate that cyber-threats represent mortal dangers. This was an inevitable development. Most businesses have now seen competitors harmed by attacks or been harmed themselves. Many of those surveyed likely were aware of the findings contained in the recent 2013 Global Corporate IT Security Risks survey for B2B International and Kapersky Lab, which found that the average cost incurred by large companies in the aftermath of a successful cyber-attack is nearly $650,000. That kind of expense can cripple even the largest enterprise.
Matt Middleton-Leal, regional director for the UK and Ireland at Cyber-Ark, an information security company known for its vaulting technology, says of Lloyds’ findings, “With the risks to global organizations higher than ever, it is clear that cybersecurity has finally reached the attention of business decision makers across the enterprise – no longer just an agenda item but a key point of discussion.”
Business Leaders Are On Guard
Lloyds’ Global Risk Index represents the opinions of more than 500 senior executives. Cybersecurity has clearly moved out of harried IT departments and into the boardrooms of global enterprises.
Of course, being aware of a danger does not mean that business leaders will take aggressive, proactive steps to address it. Middleton-Leal does note, however, that C-suite executives across numerous industries are making the first, tentative steps to modernize their security apparatuses. “Businesses are at last beginning to understand that the best way to mitigate the threat cybercrime poses is to approach security from the inside out – with the assumption that your organization has already been targeted, or even infiltrated,” he says.
Awareness Does Not Equal Action
Still, while many business leaders are clearly taking the threat posed by cyber-crime seriously, there’s no guarantee that organizations will react to this threat in ways that serve their best interests. Business leaders are new to cyber-crime. They are either wholly unfamiliar with it or have acknowledged it only as an abstract, nebulous menace; they are unused to taking tangible, operational steps to address it.
In a recent interview with The Economist, George Kurtz, the founder of CrowdStrike, a newly-hatched tech company, recently explained that most of the businesses he works with are responding to cyber-threats incorrectly. Most of the business leaders he consults with want to figure out who or what has targeted their business rather than trying to understand the motivations of their attackers or developing measures to counter future attacks. Kurtz said bluntly, “if someone is shooting at you, the last thing you should focus on is the caliber of the bullet.” Business leaders need to adjust their approach to cyber-crime if they are going to inoculate themselves against it.
Kurtz’s experience shows that business leaders still need help when it comes to cyber-security. They need advisors and experts who appreciate what is needed to reduce future attacks and mitigate the damage caused by successful attacks. Although many executives now understand the grave danger that cyber-criminality poses to their operations, they need the expertise and experience of a dedicated cyber-security firm, like Veteran Business Solutions, to successfully combat this danger.
