The cyber threat landscape
For today’s organisations, which rely heavily on technology, and particularly the Internet, to do business, cyber attacks are a very real threat. Worse, the cyber threat landscape is complex and constantly changing. For every vulnerability fixed, another pops up, ripe for exploitation.
Attackers are often motivated by a very high risk-to-reward ratio: digital information is easy to copy, and it can be hard for a victim to detect that an attack happened at all, let alone figure out who was behind it. Furthermore, technology enables attackers to target anyone, anywhere, from the comfort of their home, often using automated tools to identify their victims – and their vulnerabilities.
Committing crimes over the Internet can also be very lucrative. Unlike stealing physical credit cards, which tend to be blocked very quickly, digitally targeting someone gives an attacker the chance to steal that person’s identity and get credit cards issued in the victim’s name. The victim would likely only become aware of the theft after checking their bank statements or receiving a phone call from the bank.
Upscale that by targeting businesses that hold databases with thousands or even millions of credit card details and personal information about their owners, and the profits will certainly be far greater than those of a physical crime conducted in the same timescale and with the same manpower.
Because virtually every organisation holds valuable information, often in huge quantities, everyone is a target. It should therefore not come as a surprise that 46% of UK businesses experienced at least one cyber attack or breach during 2019, which increased to as much as 75% for large businesses.1 Those may include attacks like simple phishing emails, but even the most basic attack, if executed successfully, can
wreak havoc if you are not prepared.
Clearly, it is in your organisation’s best interests to protect itself and invest in cyber security. This paper will look at some of the most important, high-level points you should consider when planning your cyber security – and business resilience – strategy.