This page contains a Flash digital edition of a book.
18 security


UK Ltd needs to step up information security measures


Cyber criminals have never had it easier. With businesses needing to operate in cyberspace, relying on mobile devices and heavily using social media and cloud services, the vulnerability of companies has increased alarmingly: 93% of large organisations and 87% of small companies had a security breach in 2013 (BIS, December 2013), write Martin Clutterbuck, relationship director, south technology & telecommunications team and Roland Emmans, head of south technology & telecommunications team, RBS


As the only bank in the UK with a dedicated regional corporate banking technology team we strive to deliver specialist strategic insight and knowledge and in this context are committed to helping educate our clients about the threats of cyber crime. We have been holding fraud seminars across the region with the assistance from local police forces and experts in cyber security such as Kaspersky Lab.


Security breaches affect big and small businesses equally


What we have found is that information security matters for businesses of any size and that just one cyber attack can be very costly: Last year small businesses were suffering £30,000 to £50,000 of costs or financial losses after experiencing a security breach and the damage for large organisations varied between £300,000 to £600,000 (BIS Information Security Breaches Survey 2013). The 2013 number has roughly tripled since the year before and will most likely further increase considering that malware attacks are continually on the rise.


Our technology partner, Kaspersky Lab, one of the global leaders in cyber security, reported in December last year that the firm’s security products globally detected almost three billion malware attacks on user computers in 2013 and nearly 200,000 new modifications of malicious programs for mobile devices (Kaspersky Security Network, NSN, December 2013).


Increasingly, organised groups of highly-qualified hackers are


www.businessmag.co.uk


75% admitted that they had not undertaken any information security training in the past 12 months


looking to steal not only money but also intellectual property, and some of them launch attacks purely to sabotage systems and destroy critical data.


Insufficient budgets and training expose corporates to cyber risks


Despite these alarming statistics, UK Ltd has not yet made sufficient efforts to build a supreme defence. In the FTSE 350 Cyber Governance Health Check Tracker Report (BIS, November 2013), only 40% of respondents were aware of any organisational standards or guidance that their companies followed with regards to cyber security. 75% admitted that they had not undertaken any information security training in the past 12 months.


Some of the reasons for these shortcomings highlights a recent EY study across 25 industry sectors globally: 65% of the respondents cited an insufficient budget and 50% the lack of skilled resources as the key challenges while trying to address mounting cyber risks (EY, October 2013).


Using our top five tips to stay ahead of cyber criminals


Our seminars have emphasised that protection against cyber crime is based on a combination of governance, educating employees and a necessity


to work with experts – all summarised in the following top five tips.


1. Good governance is key: Information security efforts need to be championed by executives at the highest level, and there needs to be a person in charge of information security in every business.


2. Raising awareness and training staff is crucial: Cyber criminals still employ simple tactics such as inserting malware in corporate networks by sending emails containing malicious attachments. Employees who regularly communicate with external stakeholders, such as the HR department or sales, are the weakest link and hence are often the recipients of these emails.


3. Don’t lose sight of new risks: Expanding your business into new markets or growing through acquisitions usually means using new processes and vendors, resulting in varying levels of security risks, which need to be assessed.


4. Evaluate technologies with a focus on security: Companies constantly search for new technologies that help improve their business. However, these emerging, often untested systems may be even more vulnerable to security threats, which needs to be taken into consideration.


5. Collaboration helps: Report a cyber crime to Action Fraud, the UK’s single point for reporting all fraud and online financial crime. Consider


Martin Clutterbuck


Roland Emmans


joining information-sharing initiatives, such as the Cyber Security Information Sharing Partnership, which provides a secure, real-time online platform for government, law enforcement and industry to share information on cyber threats and how to combat them (BIS, November 2013).


To find out how RBS can support your business see details below.


Details:


Martin Clutterbuck 0118-9521642 martin.clutterbuck@rbs.co.uk


Roland Emmans 0118-9522120 roland.emmans@rbs.co.uk


THE BUSINESS MAGAZINE – SOLENT & SOUTH CENTRAL – APRIL 2014


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36