War, economic uncertainty and global political unrest are the perfect storm for a cataclysmic cyber-attack

Following economic recession, the war in Ukraine, global disruption of the supply chain, political unrest and an environmental crisis, what could possibly be next?

It is because of these factors that the most likely threat on the landscape, to you and your company, is a cyber-attack.

A cyber-attack will inflict a tangible and devasting impact on every area of your business, including the share price of your company. The recovery bill will be huge, the costs of disruption to operations could be massive and reputational damage is a forgone conclusion.

Research conducted by IBM Security and the Ponemon Institute found that the average cost of a data breach has hit a record high of £3.74 million. Critical national infrastructure (CNI) provider incidents cost, on average, £860,000 more than other organisations.

And compounding these costs are the regulatory penalties that will be imposed as a result of your systems and the information they contain being compromised.

Recent spikes in economic, political and social unrest provide the perfect climate for cybercriminals to operate. For example, in August 2022, one of the hottest on record, the UK water company South Staffordshire PLC, which supplies drinking water to 1.3 million people and 35,000 commercial customers, was the target of a cyber-attack.

Two construction companies building NHS Nightingale hospitals at the height of the pandemic also suffered cyber-attacks in the throes of a national crisis.

Cybercriminals defrauded the government of Puerto Rico for $2.6 million while they were focused on a national emergency caused by a 6.4 magnitude earthquake.

The Costa Rican government was brought to a standstill following a Russian-linked cybercrime group conducting a ransomware attack. The attack targeted the Ministry of Finance, which paralysed the country’s import and export businesses.

No matter what your sector or industry, ongoing global challenges will almost certainly have an impact on your business – the consequence of which is a heightened risk of a cyber-attack on your company.

Alarmingly, the UK’s Department for Digital, Culture, Media & Sport reported in July 2022 that, of the companies surveyed, cybersecurity was taken much more seriously after suffering a data breach than before.

Don’t wait until it’s too late to appreciate that the threat is real. Action is needed now, not after the event when your reputation has been damaged, your operations have been halted and your share price has plummeted. The current stock market activity is creating damage on its own, so don’t heighten this by being unprepared for a cyber-attack.

It’s time to consider the defence measures you have in place for cybersecurity resilience:

• Technology: Do you have the technological capability to sustain operations in expected and unexpected conditions? What recovery protocols do you have in place?

• People: Are your employees knowledgeable about cybersecurity? Are you confident that they’re applying secure behaviours across the board?

• Data: Are you reassured that the confidentiality, integrity and availability of data is secure at all times?

• Premises: Do you have contingency plans in the event of the loss of mission-critical buildings as a result of fire, flood, terrorism, protest and power outages?

• Third-party suppliers: Do you have contingency planning and robust third-party agreements that cover due diligence in all aspects of service delivery, including data handling in place in the event of service disruption from a critical supplier?

If you cannot confidently answer these questions with a yes, there is work to do. Remember: to be the best, you must be prepared to handle the worst.

If you’d like an informal chat with The Security Company on how we can help you improve your organisation’s cybersecurity, contact us on 01234 707026 or at jenny.mandley@thesecuritycompany.com