UK firms are being lulled into a false sense of security in their battle against crippling cyber attacks, telecoms and consultancy giants have warned.
Ransomware attacks such as WannaCry and Petya have hit the headlines this year, debilitating a wide range of businesses and organisations: from advertising giant WPP to the NHS.
Meanwhile, hackers have accessed huge swaths of personal data for firms. Yahoo, for example, revealed last year it had been hit on two separate occasions, which threatened to unhitch its $4.8bn (£3.8bn) tie-up with Verizon.
“The global scale of the recent ransomware attacks showed the astonishing speed at which even the most unsophisticated of attacks can spread around the world,” said BT chief executive of security Mark Hughes.
Hughes told City A.M. the telecoms giant is one of UK’s most at risk firms from a cyber attack. And in conjunction with KPMG the telecoms giant today unveiled a new report entitled “The cyber security journey – from denial to opportunity”.
Many firms are combating cyber crime by “throwing money” at IT security products. There is a belief it was a “silver bullet” in dealing with the problem, the report found.
However, BT and KPMG said the key to dealing with cyber risks is to approach them similar to everyday operational risks, not siloed as a standalone problem.
Hughes said many firms have the tools and teams to manage the risk of a cyber threat but “the organisations do not pull around them”.
KPMG cyber security practice technical director David Ferbrache said: “Cyber threats are evolving and businesses face ruthless criminal entrepreneurs.
The solution isn’t jargon ridden technology silver bullets but one that involves a community effort in a world where business boundaries are vanishing.
Companies that hold large amounts of personal data, such as BT, Royal Mail and the banking sector are most at risk from the fall-out of a cyber attack, Hughes said.
And he revealed the lengths BT goes in its battle to ensure its cyber security is up to scratch.
Through a process called “red-teaming”, BT hires undercover experts to test security put in place by the group’s “blue team”.
He added: “We’re continually managing risks at BT.”