Cyber attacks are becoming more prevalent, and they have been identified as one of the most strategically significant risks confronting the world today. The threats and breaches are coming fast and hard, and do not show any signs of stopping.
As digitisation booms, there is the need for rapid attention and financing on cyber security to check the activities of criminals who are using artificial intelligence technology to invent new attack strategies and the exploitation of victims with the use of different attack vectors.
The Central Bank of Nigeria (CBN) recently released a risk-based cyber security framework and guidelines to help financial institutions strengthen their cyber resilience, as they are one of the most regulated industries in the world. While some of these institutions are compliant with the rules, they still get exposed to a growing source of risk from criminal actors, hackers, state actors, and competitors.
According to the PricewaterhouseCoopers’ (PwC) Global CEO survey 2021, about 47 percent of CEOs globally say they were worried about the negative impact of cyber attacks on their organisation’s growth prospects.
“This growing dependency on automated digital processes, which creates ever more connections between organizations, is why cyber attacks are now considered to pose an existential threat to businesses,” said Alex Petsopoulos, partner at PwC U.K.
Experts say protecting a company from cyber attacks begins with cyber security training and awareness. This training has benefits that include recognising the signs of suspicious activity, reinforcing confidence in key stakeholders that their data will remain protected and cost savings in the long run.
Here are some of the points to note when dealing with cyber attacks in your organisation.
Read also: How Nigeria can address rising cyber threats to drive digital economy
Invest in progress, not maintenance
An organisation’s efforts and investments should not be at the same pace as its digital transformation. They should be keen about an increase in investing in cyber security, allocating resources to people, processes, and technology. Cyber attack is becoming more prevalent and ranked as one of the most significant risks the world’s business growth prospects are faced with.
There have been attacks on government-owned organisations, local and private companies, educational institutions, as well as non-profit organisations. For example, the London-based Harris Federation suffered a ransomware attack and was forced to temporarily disable the devices and email systems of all the 50 secondary and primary academies it manages. This resulted in over 37,000 students being unable to access their coursework and correspondence.
The chances that your organisation’s security will not be encroached on are slim because the severity of these attacks is on the increase every hour. The infrastructure put in place to respond to any form of breach of security is what will keep the trust of your stakeholders intact.
Understand the risk with Cloud adoption
Companies do not consider the unique security risks cloud adoption comes with early enough to enjoy the benefits and avoid extra costs.
The risks include grid computing, utility computing, and autonomic computing.
A successful cloud security campaign should always start from due diligence on what constitutes risks.
Incidents are inevitable
Most organisations believe that the risks associated with cyber insecurity might likely not rise.
Half of the organisations that reported malware cases via software update were 54 percent, attacks on software supply chain (51percent), and business email compromise (50 percent), the PwC survey showed.
When asked how prepared they were for incidents experienced in the last 15 months, about 55 percent said they were “well prepared” to address the lapses. 45 percent of respondents were unprepared.
Being cyber conscious starts from the top
A report by Mimecast’s ‘State of Email Security’ revealed that nearly 40 percent of IT decision-makers believe that their organisation’s CEO is a weak link in their cyber security operation.
Successful Chief Information Security Officers (CISOs) now act as business promoters. They now ask “how can we do it?” instead of “we can’t do it.” There is also a weekly interaction between CISOs and CEOs. The survey also found that 43 percent of respondents interacted with the board at least once a week in the past 12 months.
Plan and get ahead of evolving threats
With the application of newer security measures, organisations are beginning to understand the need to plan ahead. Cyber risk quantification is a priority for these measures taken over the past two years. Risk quantification starts with the evaluation of your organisation’s cybersecurity risk landscape.
81 percent say this methodology helps them increase productivity and focus on strategic matters. It is useful for understanding and managing financial exposure to cyber risks, identifying and prioritizing remediation activities based on financial risk exposure.
