Majority of organisations hit by at least one cyber attack

The BCI has released the latest edition of its Cyber Resilience Report, sponsored by Fusion Risk Management, which found that three-quarters of organisations have fallen prey to at least one cyber attack in the past year.

This year, interviewees of the report commented that their organisations had been targeted more in the last months. However, organisations seem to be better prepared in preventing cyber attacks thanks to better cyber security systems in place, more staff dedicated to cyber resilience and more extensive training and exercising programmes. The report also found that the losses incurred as a result of cyber crime are directly proportional to the amount of organisational investment in cyber security.

The BCI also says that there is no more separation between cyber resilience and business continuity – 19 out of 20 organisations report having BC plans in place to deal with cyber security incidents. Indeed, as cyber crime becomes more complex and unpredictable, the importance of inter-departmental collaboration comes to the fore. The recent pandemic has showcased senior management the need for resilience to be a strategic priority for organisations, and cyber resilience is a core part of that. Furthermore, with people, rather than technology, being the primary reason for failure, organisations’ entire workforces need to understand the part they play in nurturing a resilient environment.

The greatest concern is Ransomware. Since 2019, there has been a dramatic increase in ransomware attacks. These attacks have a detrimental consequence on organisations from both a financial and reputational perspective. The strategic impact of these attacks is an increasing concern to top management – particularly as criminals become ever more adept.

Rachael Elliott, head of Thought Leadership at the BCI, said “It is encouraging to see management taking a heightened interest in cyber security which, in turn, is ensuring many organisations are able to adopt best-in-class procedures, purchase the latest cyber security technologies and employ the best staff. However, gaps do remain and, for those organisations where commitment is low, attacks are more likely to happen as staff struggle with outdated systems and siloed working practices. With criminals always attempting to stay one step ahead of corporations, attacks are becoming more serious – and more instant. Keeping flowing lines of communication and ensuring top management are wholly engaged with cyber strategies is vital to stay resilient to an ever more complex cyber landscape.”