Barely a tenth, 9pc of UK businesses feel totally confident in their organisation’s cyber breach mitigation plan, according to BAE Systems‘ new research into how businesses can react to a cyber incident. Despite continuing news of cyber-attacks and data breaches every day, the findings indicate that businesses are still struggling to establish plans, the defence and security product firm says.
The responses by sector suggest that no companies surveyed from the manufacturing industry are totally confident in their organisation’s cyber breach mitigation plan. This is followed by:
· 5pc from ‘other’ commercial sectors
· 7pc from retail, distribution and transport
· 10pc from IT
· 15pc from business and professional services, and financial services
James Hatch, Cyber Services Director at BAE Systems Applied Intelligence, said: “Many organisations still see dealing with a cyber security breach as a black swan event, something significant and unexpected that in hindsight could have been prevented, and have not yet made their mitigation plans business as usual. Effective management of cyber breaches requires businesses to be organised and prepared for the threats that they face, with a clear process in place. Everyone involved should be confident in what they need to do.”
When asked what was their most important tool in identifying a cyber-attack quickly, almost half (48pc) said that technology is their most important tool, with people coming second at 32pc. Just 15pc named process – but organisations need to deploy a combination of people, process and technology in order to be cyber resilient.
Hatch added: “There are two problems. Most organisations struggle to deal with something beyond the experience of their people. Each time existing experience is stretched it can cause an emotional reaction within organisations. They have to prepare for these new experiences and learn how to handle in the future. External specialists can help but are most effective when their involvement and arrangements for mobilisation, access and communication are defined in advance. There is absolutely a role for technology and automation, especially in reducing the workload involved in dealing with routine incidents so that security teams have the bandwidth to deal with what really matters.
“The range of incidents that an organisation can face varies hugely from ransomware outbreaks to covert targeted attacks to accidental data breaches. But that doesn’t mean that businesses cannot be prepared for all of these eventualities. The key is to differentiate the routine from the unusual and the urgent from the important and prepare for each with the right combination of technology and automation, people and skills, policy and process. Once this is done, cyber breaches become more manageable and less emotional.”
