As cyber crime rises up the corporate and political agenda, survey after survey reveals shocking levels of complacency and ignorance at board level and among senior managers.
One of the government’s most recent estimates put the cost of cyber crime to the UK economy at £27bn a year. The sectors most commonly targeted are software and computer services, financial services, pharmaceuticals and mining. Espionage and IP theft constitute the biggest risks (in terms of costs to the economy) but lone wolf hackers and criminal expeditions pose a huge threat to businesses of all sizes.
High profile hacks (such as that suffered by TalkTalk) can spell disaster for a company’s share price, customer trust and brand reputation. Arrests are still being made in relation to that attack, but it appears to have been carried out by teenagers rather than a sophisticated network of cyber criminals.
Meanwhile, experts suggest that the vast majority of cyber crimes go unreported. Often this is down to ransoms – where even businesses such as private dental practices find that their patients’ data has been accessed and a cash payment is demanded in order to prevent publication and subsequent reputational destruction.
Just as a new class of criminals has emerged to take advantage of the age of data and online commerce, so too has a new breed of business aimed at defending firms from this most modern of plagues. Crisis communication consultants, cyber security specialists and former law-enforcement professionals can command huge fees for cleaning up the damage or beefing up security.
Undoubtedly, personal and corporate responsibility must feature prominently in efforts to defend against cyber crime. After all, you wouldn’t leave the house with the door unlocked.
One thing, however, is for sure: this breed of crime isn’t going away. It will become more creative and more prolific. Ignore the risks at your peril.