Whether it’s the inability to access PayPal, data breaches at Yahoo and Talk Talk, the hacked payment system of the Bangladesh Bank, or targeted nation state hacks of email servers, it’s hard to avoid the growing presence of cyber-attacks in our news headlines.
Unfortunately, this is a reflection of the digital world we live in. Every single day businesses face more strategic, astute and destructive cyber-attacks. No longer are hackers the stereotypical lonesome teenager in their bedroom rebelling against the system. Instead, they’re organised criminal groups, hacktivists and adversaries, all with agendas and all looking to threaten the foundations of businesses across the globe.
Few businesses (if any) are safe from cyber-attacks and their impact. The complex attacks recently suffered by Twitter and PayPal, some of the world’s best known and most visited websites, are examples of this. The ever evolving nature of cyber and information warfare makes it extremely difficult for businesses to stay ahead of the cyber aggressors – making cyber-attacks a very real threat to a business’s health.
This was a point reiterated at the FT Cyber Security Summit I recently attended. The event brought together experts from businesses, public sector organisations and consultants to answer a key question: how can companies protect themselves, corporate systems, communications and information from cyber aggressors?
The importance of answering this should not be underestimated by businesses. Simply being associated with a cyber-attack today can make share prices plummet, pause new business tenders and destroy business reputation. TalkTalk’s data breach has been reported to cost them in the region of £42 million with its annual profits slashed in half, a substantial hit for any business. At a time when companies need to be attractive to do business with and continue to draw investment, cyber aggressors and the disruption they can cause heightens risk.
In addition, the Governmental regulatory environments tasked with being the watchdog, to enforce best practices in business to protect consumer’s data from breaches; has become increasingly onerous with the advent of the EU GDPR regulation that can impose fines of 4% of the value of global annual turnover of a company or fines of €20 million.
Therefore, it was a timely announcement in the UK by Chancellor Philip Hammond when he recently outlined a new five-year National Cyber Security Strategy aiming to make the country “one of the safest places in the world to do business”. A welcome announcement by all, especially the SME business community who are consistently targeted by digital attackers with three-quarters reporting a security breach last year.
As Ollie Whitehouse, Technical Director at the NCC Group referenced in his speech at the FT summit, “SMEs don’t have the infrastructure or expertise needed to fully combat themselves against cybercrime, so they need government help as much as possible.” An important point when you consider how many small to medium sized businesses work with large corporates. If either are not cyber secure it impacts on the other. This is known as supply chain cyber liability risk. One of the hot topics in cyber security. If we are to make any country a safe place to do business, it will be done by a collective and orchestrated effort that involves employees, customers, businesses (of all sizes) and the government.
Cyber security is now a competitive tool. Businesses who want to work with others are required to constantly demonstrate to clients or prospective customers their credentials in relation to the preservation of privacy, information and data. For this reason, it’s important businesses treat cyber threats with the same level of risk and importance as they do the threat of fires, floods or espionage.
With Tungsten servicing more than 200,000 customers across the globe, we take cyber security extremely seriously. Recently, external auditors completed an ISO 27001 surveillance audit on our London and Kuala Lumpur offices to assess the management and control of information security, and we’re delighted to announce we passed this audit. The successful completion of this provides independent verification that Tungsten Network is committed to guaranteeing the confidentiality, integrity and availability of our information.
Being compliant and adhering to standards like the ISO 27001 is a great achievement but cyber security can’t stop there. As a business we ensure we take preventative measures and consistently screen, test and audit ourselves and our suppliers to ensure we are equipped against modern cyber security issues.
In the fast-moving digital world where technology’s role is only increasing, cyber threats are only going to become more prevalent. Therefore, businesses must switch their thinking from the industrial age to the information age. Doing so will allow them to better understand what they need to predict, identify what they need to protect and implement the preventative measures needed to stop future attacks. Businesses equipped with this knowledge will support the £1.9 billion investment in cyber security made by the government and, make the UK a resilient business hub that is resolute in defending against this intangible 21st century crime.