Last June, Nintendo joined fellow online games company Sony and US-based defence contractor Lockheed Martin in confirming that it had been targeted by cyber attackers.
The announcement came just days after the UK’s Chancellor of the Exchequer, George Osborne, had told an international conference that British Government computers are now on the receiving end of over 20,000 malicious e-mail attacks every month.
The message is clear: no organisation in any sector is safe – and the threat is growing.
As the usage of online services increases, so does the scale and sophistication of cyber attacks directed against targets ranging from countries’ Critical National Infrastructure (CNI) and the global financial system to less obvious targets such as mining companies.
Due to this, PwC is now calling for CEOs and Government department heads to take the lead on cyber security rather than ‘pigeonholing’ it as an issue for the IT guys to handle.
The Cyber-Savvy CEO – Delusions of Safety?
In a White Paper entitled: ‘The CyberSavvy CEO – Delusions of Safety?’, PwC calls on private and public sector leaders to gain a better understanding of the cyber threats they are facing and outlines six key steps necessary to be ‘cyber-ready’.
The supporting Global State of Information Security Survey polled 9,600 executives worldwide. More than two-thirds (69%) of 733 UK respondents said the increasingly aggressive risk environment, fuelled by the global economic downturn, has boosted the importance of the security function.
Disturbingly, though, the increased profile of cyber security is not being matched by the amount being spent on shoring up organisations from the threat of attacks.
Only 35% of UK respondents said they plan to spend more on information security over the next year compared to the global figure of 51%.
Urgent issue facing today’s organisations
William Beer, a director in PwC’s information and cyber security practice, said: “Executives have traditionally focused on the rewards stemming from operating in the cyber environment and not on the risks. Confidence in the cyber environment can be misleading, and many organisations have delusions of safety. Operating securely in the cyber environment is among the most urgent issues facing organisations today, and the time has now come for them to get involved.”
Elsewhere, PwC finds that the rise of cloud computing had improved but at the same time ‘complicated’ the security landscape. 39% of organisations said cloud technologies had improved security while 30% claimed it had increased vulnerability, while the largest risk to cloud computing is perceived to be the inability to coherently enforce provider security policies.
Mobile devices and social media also represent a significant new line of risk – and a demand for prevention. Organisations are beginning to ramp up their efforts to prevent mobile and social media-based attacks.
In terms of security around employees’ personal devices, the UK lags behind the rest of the world.
The Cyber Savvy CEO: Delusions of Safety Report was based on a global research project and explores trends and developments facing both government and businesses. The report includes data from a “Quick Poll” of PwC clients and Information Security Forum Members.
The White Paper can be found here
The 2012 Global State of Information Security Survey is a worldwide security survey by PwC, CIO Magazine and CSO Magazine. It was conducted online between 10 February and 18 April this year. Readers of CIO and CSO Magazines and clients of PwC from around the globe were invited via email to take the survey.
The results discussed in this report are based on the responses of more than 9,600 CEOs, CFOs, CISOs, CIOs, CSOs, vice-presidents and directors of IT and information security from 138 countries.
29% of respondents were from North America, 26% from Europe, 21% from South America, 20% from Asia and 3% from the Middle East and South Africa. The margin of error is less than 1%. The UK sample comprises some 733 respondents.
Two-thirds of business owners would “take the law into their own hands”
Meanwhile, a new report commissioned by CCTV and surveillance vendor Storage Options two weeks prior to the UK riots has revealed some stunning revelations about how British business owners were feeling in relation to the overall safety of their businesses.
When asked about safety of their companies almost two thirds of the business owners (65%) said they would actually consider taking the law into their own hands to protect their company.
Interestingly, almost half of the business owners questioned (47%) were either confident or very confident in the police to do their jobs even after the Government cutbacks.
However, more than a quarter (26%) did think their businesses were at more risk of crime due to them.
Paul Evison, marketing manager for Storage Options, commented: “This research was commissioned in the first week of August before the terrible events we saw spreading across the country, and I think it shows how small business owners were feeling about their overall security. Although most people said they would consider protecting their companies, many felt that the police were still doing a great job.”
Evison continued: “I think it would be interesting to see how this research would compare with research performed today. We have seen CCTV sales grow rapidly over the last couple of years, and this research found that 67% of companies already have some kind of CCTV system in their business as a deterrent. It certainly shows we are a security-conscious nation.”
Greater security with manned security?
The research also revealed that a third of business owners (33%) felt their businesses would be more secure with a private security officer in place, but then one-in-ten admitted they didn’t trust security officers to be on the premises.
Evison stated: “It seems as a nation we want to feel properly protected but don’t trust others to do it for us. I imagine most businesses across the country have now reviewed their own security carefully to ensure they aren’t at risk.”
The research found that almost half of all the business owners questioned (44%) had unfortunately been the victims of crime before, with more than a third (34%) stating that criminality had occurred on more than four separate occasions.
Further information on Storage Options
