Firms Underrate The ‘Seismic Aftershock’ Of An Attack

UK businesses are overconfident in their cyber security planning and underestimate the damage of the “seismic aftershock” that occurs after a breach, according to a new report.

According to research by Lockton, half of UK firms expect to be fully operational within 48 hours of a cyber breach and only two per cent believe the effects will last longer than 10 days.

However, the recovery time for companies hit by large-scale cyber-attacks can actually be months or years, and the study also exposed holes in organisations’ response planning.

For example, 63 per cent of firms recognise reputational damage as a risk of a data breach, but only 26 per cent include their PR and communications chiefs in their incident response plans.

Meanwhile, while 72 per cent of firms know they can lose revenue and 69 per cent recognise that they can lose data, only 52 per cent of firms consider lost customers as a potential cost of a breach.

Just a third factor in the cost of a forensic investigation, only 36 per cent think about time spent reviewing policies and just 46 per cent consider the regulatory fines they might receive.

“The fact that so few businesses are aware of the aftershocks caused by a cyber-attack is concerning,” said Peter Erceg, senior vice president of global cyber and technology at Lockton.

“It can take several months, if not years, to become entirely operational again after a large-scale breach – and for some firms a full recovery may be bridge too far. UK businesses are currently unprepared for the seismic waves that can decimate an organisation caught unaware.”

A lack of senior managerial influence may be holding back the effectiveness of some businesses’ incident responses – just half of businesses involve their boards in cyber security planning.

“Effective cyber breach planning must involve stakeholders from across the business,” Erceg said. “This is no longer the purview of a few IT specialists. The shockwaves of cyber-attacks are too damaging and too prevalent for businesses to not make it one of the biggest risks they face.

“Companies need to shift from a reactive to proactive approach to avoid and manage a cyber-attack. We should all be considering when, not if, an attack will happen and protect ourselves from the risk.”

Director Of Finance

You Might Also Read:

CEOs Are Accountable For Cyber Attacks:

UK Cyber Chief: Company Directors Are Devolving Responsibility For Hacks:

 

« What is Machine Learning?
The AI Apocalypse »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Qualys

Qualys

Qualys is a pioneer and leading provider of cloud security and compliance solutions.

Adeptis Group

Adeptis Group

Adeptis are experts in cyber security recruitment, providing bespoke staffing solutions to safeguard your organisation against ever-changing cyber threats.

Electus Recruitment Solutions

Electus Recruitment Solutions

Electus is a leading recruitment specialist in the Engineering, Technology & Digital and Cyber & Security sectors.

Bundesdruckerei

Bundesdruckerei

Bundesdruckerei specializes in secure identity technologies and services for protecting sensitive data, communications and infrastructures.

ComTrue Technologies

ComTrue Technologies

ComTrue Technologies provides artificial intelligence solutions and information security solutions.

Optiv

Optiv

Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives.

Ubiq Security

Ubiq Security

Ubiq has developed a software solution that secures any type of data, on any device, anywhere, with nearly no impact to system performance or user experience.

Span

Span

Span designs, develops and maintains information systems based on advanced technological solutions of global IT leaders.

C11 Cyber Security & Digital Innovation Centre

C11 Cyber Security & Digital Innovation Centre

C11 is working with local and national partners to develop talent and bring brilliant minds and brilliant businesses together.

GroupSense

GroupSense

GroupSense helps governments and enterprises take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

Wib

Wib

Wib is an API security leader. We are the only company providing a solution for the entire API development lifecycle.

TetherView

TetherView

TetherView provides leading virtual desktop and email security technology to help businesses stand up and manage digital workspaces.

Klarytee

Klarytee

Protect your data wherever it goes. Klarytee is a SaaS platform that builds security into sensitive content to enable granular control in AI, public cloud and SaaS.

Aim Security

Aim Security

Aim empowers enterprises to unlock the full potential of GenAI technology without compromising security. GenAI makes business better - Aim makes GenAI secure.

Intellinexus

Intellinexus

Intellinexus turns data into actionable insights to revolutionise decision-making in your business.