This page contains a Flash digital edition of a book.
technology 37


Protecting your business: Cyber security,


state of the nation Pitmans, specialist legal advisers to the technology sector, working in collaboration with the digital technology trade association techUK, recently assessed the importance placed by UK businesses on cyber security and associated IT threats to business continuity


Undertaken in December 2013, the findings demonstrate that the vast majority of UK businesses are aware of the growing threat presented through cyber-attacks and data theft but that many have inadequately communicated their policies and procedures (if indeed they have these at all) to their staff.


it to suffer a further breach. This indicates a lack a transparency and clarity within companies as to how further breaches should be tackled.


Does your company have crisis management/emergency response strategies in place should a cyber breach occur?


Whilst many businesses recognise cyber security as a substantial concern and highlight the need for it to be discussed and managed at board level, over 50% of respondents do not have a specific budget to deal with cyber security protection and breaches.


es your company have a specific budget to address cyber security?


Does your company have a specific budget to address cyber security?


Unknown 23%


Yes 23%


No 54%


92% of managing director’s consider their cyber security policies and systems are sufficient to protect their business. However, only just over half of respondents have crisis management/ emergency response strategies in place should a cyber breach occur; of these, only 38% periodically test their crisis management and emergency operation procedures. This suggests many organisations are either over- confident or have not properly transformed recognition of the threat into genuine investment and implementation to combat cyber risks. In addition, where respondents have suffered cyber security breaches, 59% are unsure whether their company would take a different approach were


Does your company have crisis management/ emergency response in place should a cyber breach occur?


Unknown 17%


No 30%


Yes 53%


continue to grow over the next few years driven by economic and societal changes. Remote working has a significant impact on cyber security. Whilst the survey suggests that over 90% of businesses offer staff the opportunity to work remotely, 80% of respondents stated that their firm implemented the minimum required level of security to protect their data, information and intellectual property.


- 51% of businesses who confirmed they had strategies in place to deal with a cyber breach were based outside the Thames Valley


Cyber security is an essential component of the £2 trillion global ICT market, and already worth £123 billion in its own right, growing by over 10% every year. The UK market is conservatively estimated at £3.9b, with 2,500 companies operating in the sector.*


The scope of cyber security threats can vary but have the potential to cause immense disruption to a business. Disruptions to business continuity can impact directly on customers and ultimately to cashflow and profitability. The survey suggests that the key threats to our business community include hacking, viruses, loss of data and unauthorised access to company data. Approximately two thirds of companies that responded undertake cyber security risk assessments to ensure any dangers to their operations are mitigated as far as possible.


One major focus on the study was around remote and mobile working. This popular practice will


THE BUSINESS MAGAZINE – THAMES VALLEY – FEBRUARY 2014


The survey highlights a lack of measures in place to deal with cyber breaches. As cyber- attacks have increased over the past few years, increasingly businesses have looked to insure themselves against these risks. However, only 7% of businesses who submitted responses to the survey are investing in stand- alone cyber security insurance with a significant number of business leaders unaware of their company’s level of protection. In addition, many are unaware of previous breaches or their firm’s ability to respond to future online attacks. Basic awareness of cyber security is essential to ensure employees are mindful of the dangers to business continuity and greater measures must be implemented to avoid the catastrophic risks to the long-term performance of a business should an attack occur.


Another focus was around social media use in the workplace. 75% of businesses allow use of social media at work with two thirds of staff aware of a specific policy. However, only one third of companies monitor the use of social media by their employees. Businesses are taking significant risks by overlooking the potential harm to their reputation and business should an employee post something defamatory or confidential on Facebook, LinkedIn or any of the other popular forms of instant communication platforms.


Ruth Davis, head of programme cyber, justice and emergency services at techUK, commented: ‘Businesses understand that they are at risk from cyber-attack but employees are not always aware where the risk lies. Recent research by techUK and Symantec found that 71% of respondents thought the IT department was at risk from cyber-attack but only 31% thought the HR department was a target and 34% the sales department. However, targeted attacks against


employees working in sales and with confidential information surged by 42% in the past year. Successful mitigation of cyber risk will require everyone to take responsibility for it.’


Philip James, partner and cyber lead at Pitmans, commented: “What is clear from the survey is that, while many businesses now recognise and invest in cyber security, there is still much to be done to ensure that both organisations and their supply chains are sufficiently audited and secured to protect invaluable information assets. In addition, many organisations still do not yet realise the significant benefits that productive security strategies can bring. This report highlights that businesses are failing to consider their risks fully; for example, only 13% of businesses require their third party suppliers to have cyber security insurance. If third parties have access to company data, information or intellectual property:


• the opportunity for an attack is greater;


• it is likely to be more complex to investigate; and


• it may be more readily exploited without an organisation’s knowledge;


unless adequate security measures and precautions are taken.”


Pitmans and techUK will be revealing the results of the survey at Pitmans’ third annual Cyber Security Conference on February 20 in London, at which the key note speaker for the event will be Phil Cracknell, head of Information security at TNT Express. Cracknell is widely regarded as one of Europe’s leading information security, risk and compliance specialists. He has experience spanning 25 years gained in a variety of high-profile technology and management roles.


For further information on the event, see details below. Places are limited, so please book now.


Details: www.pitmans.com/events


* UKTI First Cyber Security Export Strategy Press Release, May 20


www.businessmag.co.uk


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60