New YouGov survey suggests majority of British businesses could be failing to implement basic security practice says security experts at ACTIS. 54% of decision makers surveyed say their business is not regularly checking leaking of sensitive corporate information such as building plans. Over 40% have never conducted a risk assessment of the threats to their business
· ACTIS today launches first online executive training in corporate security and counter-terrorism policy, developed in partnership with RUSI
· UK business leaders can now assess their own preparedness using new self-assessment tool
The vast majority of British industry leaders are not ready for future terrorist attacks according to expert analysis of a new online study. ACTIS, the online education experts in the fields of counter-terrorism, terrorism, intelligence and security studies believe over 80% of those surveyed would fail a simple counter-terrorism preparedness test*, possibly leaving them and their staff at risk, following a YouGov survey of over 600 British business leaders.
To address these vulnerabilities ACTIS today launch the first ever policy-based online executive training in corporate security and counter-terrorism. The flexible, e-learning courses have been developed in partnership with RUSI, the UK’s professional forum for defence and security. They are aimed at individual security professionals, local and international companies, and executives within government agencies and the wider public sector. They will also be of interest to diplomats, journalists or industry commentators looking to improve their understanding of national security policy. The courses, which include two free modules on ‘Understanding Terrorism’ and ‘Counterterrorism Policy’, aim to help students understand the threats their organisations and staff face, and the appropriate measures required to reduce their exposure to risk.
As a first step UK industry leaders can also benchmark their preparedness through a new ‘threat-readiness’ self-assessment tool. The tool is based on the new specialist course content and consists of eight examples of simple and affordable best practises that most organisations should have in place to reduce the risk and potential impacts of a terrorist incident or major security breach.
In launching these, ACTIS hope to help the UK’s public and private sector better prepare for, respond to, mitigate against and recover from, serious attacks and emergency situations that arise from all forms of modern warfare, cyber hacktivism and terrorism.
According to START, the National Consortium for the Study of Terrorism and Responses to Terrorism in the US, there have been over 600 terrorist events on UK soil since 1970, whilst figures from AXA, the Business Insurance specialist show that over 80% of UK businesses that face such a major incident never reopen or close with 18 months. However when questioned during the new YouGov survey developed with ACTIS, only 18% of GB decision makers estimated the frequency of these incidents to be 500 or more and only 6% correctly judged or overestimated the impact of them on those businesses affected.
As a result its perhaps not surprising that today’s survey results also found a concerning lack of adherence to even basic security practise.
Key findings include:
· 54% of respondents said their businesses has never checked or hasn’t checked in the past year whether any sensitive information about their organisation (e.g. financial records, building plans, evacuation procedures etc.) is openly available in the public domain. This rises to 56% within the manufacturing industry. In 2009 more than 10,000 confidential client memos sent through Bloomberg’s private messaging system were published online by a former employee. The sensitive conversations, including messages from traders at more than a dozen of the world’s largest banks, remained openly available through a simple Google search until earlier this year.
· 40% of respondents said their businesses has never prepared a list of potential risks to their business including 62% of those surveyed within the retail industry and 41% within the construction industry.
· Just over a third (34%) said their companies do not enforce any sort of computer password policy. This rises to 42% within the retail sector. In March 2012 a server containing Medicaid information at the Utah Department of Technology Services was breached. In the process sensitive information from 780,000 individuals was stolen. The breach was possible due to a configuration error and weak passwords.
Quotes
Daniel Neubauer, LL.M., President of ACTIS said:
“In these uncertain times, security practitioners, business leaders, and heads of our public sector institutions cannot afford to ignore the risk posed by an increasingly unpredictable threat landscape fuelled by the growth of physical terrorism and cyber hacktivism. These new ACTIS courses provide unique access to detailed specialist content on defence and security strategies to reduce your exposure to risk without demanding significant new investment and staff time out of the office. Decision makers can trust the quality, expertise and heritage of the organisations and individuals involved in ACTIS and can confidently put their people on our courses, knowing the certifications they receive are a benchmark for security excellence.”
Professor Michael Clarke, Director General, RUSI said:
“Security threats are an ever changing phenomena and difficult to contain. The results from this new survey clearly demonstrate that gaps have grown in our business leaders’ understanding of what is required to adequately protect themselves. This is why it is so useful to have an online resource, such as these new ACTIS courses provide, which can be updated instantly with new intelligence by world leading experts such as ourselves at RUSI. Through these courses ACTIS and RUSI are giving UK industry the best possible chance to protect themselves and their staff, and gain a competitive edge in the face of terrorist challenges that we all agree are with us for a generation or more.”
