As it stands, cyber security threats are perhaps the greatest risk facing businesses the world over. Just this month, it was reported that Verizon has lowered its bid for Yahoo by $350 million in the wake of the company’s cyber breaches. The Cisco 2017 Annual Cybersecurity Report showed that one-third of organisations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 per cent. Breaches hit the bottom line and that should absolutely make security a C-suite topic. So why are many businesses leaving themselves open to attack? A shifting threat landscape Despite the prominence of cyber security threats over the last two years, many businesses are still failing to master the basics of cybersecurity. Fujitsu’s own Threat Predictions Report for 2017 has found that European businesses are leaving themselves vulnerable to attack by failing to carry out simple but vital tasks, such as keeping up with basic IT security processes and revoking the access rights of former system users. This also appears to be an issue for the UK; according to Cisco, the UK has the lowest level of security maturity worldwide. As a result, companies are needlessly at risk of data loss, data theft and the external disruption of their systems. This is seriously concerning. The threat landscape is continually shifting, and cybercriminals are constantly growing in their sophistication. For example, it’s likely in the next few years that hackers will make increasing use of artificial intelligence in their attacks. And with the introduction of the General Data Protection Regulation in May 2018, businesses will face several financial penalties for data losses, of up to four per cent of worldwide turnover. Every business executive must take responsibility for their business’ cyber security threats – or risk becoming the latest high profile disaster. Understanding the issue Every C-suite officer, whether they’re IT-focused or otherwise, must ensure that they have a good grounding in cyber security threats, including the vulnerabilities of the business and the steps being taken to mitigate them. Ignorance is not an excuse. The relationship between the leadership team and the IT department is crucial. The IT team must be equipped with the resources needed to monitor and protect against cyber security threats, including the basics of maintaining basic security processes and access rights. As and when serious threats do occur, it’s vital that security teams are equipped with the capabilities and resources to respond quickly – and have the route to escalate the threat to the leadership team as needed. The C-suite must have a well-rehearsed strategy to respond to breaches that take place. In the short term, this includes contingency plans and business continuity plans, to enable the business to continue to operate despite the attack. The response must include communicating in good time with key stakeholders inside and outside the company, to explain the extent of the attack and its impact. Being able to act promptly against prepared plans and quickly and openly communicate can be vital in mitigating damage to the company’s reputation and share price. It’s also important to remember that the fight against cyber security threats can’t rest within the C-suite and IT department alone. Every employee is at the front line of the business’ cyber defences. The leadership team should aim to create a culture of cybersecurity, by re-skilling employees to make them security experts and ensuring that the entire workforce has a grounding in best practice. By giving every employee a stake in cyber security threats, organisations can help to reduce the risk of the most easily avoidable attacks. An evolving issue The C-suite must also stay aware of how new technologies bring new cybersecurity challenges and threats. Many businesses are currently realising the potential of the Internet of Things to enhance business processes or provide new services, and the truly smart city is on the horizon. However, as the recent Fujitsu Threat Predictions Report shows, many protocols designed for connected devices have their own vulnerabilities. Businesses must consider how they will keep themselves and their customers safe from hackers as these technologies take off. Addressing cyber security threats from the outset, such as during the product design phase, will help to protect devices throughout their lifecycle. But the newest technologies are also providing us with powerful tools to combat cyber criminals. Artificial intelligence will become a game-changer in enterprise security, acting as an early warning system for unusual web activity, for example. Executive officers should monitor these upcoming tools and be ready to apply them within the business as soon as possible, to stay ahead with their cyber defences. Going forward with confidence Technology is an essential tool in modern business, and one that brings great advantages. However, the digital world has also brought immense risks in the shape of cyber security threats, and this is something that business leaders cannot afford to ignore. It’s clear that in the worst cases cyber breaches can damage a business irreparably, which must put cyber security threats at the top of the agenda. By leading the organisation’s fight for cyber security, business executives can seriously mitigate the risk and impact of attacks and face the future with confidence. Duncan Tait is corporate executive officer, SEVP and head of Americas and EMEIA at FujitsuImage: Shutterstock
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.