Guarding against cyber attacks

Cyber crime is on the increase and costs the UK economy billions each year.

According to a joint government and industry report, The cost of cyber crime, published with information intelligence firm Detica, more than three-quarters of the £27 billion annual economic cost of cyber crime is felt by businesses, totalling around £21 billion a year.

Stewart James, a partner in the intellectual property and technology group at law firm DLA Piper, says: “The risks faced depend on what they do and how they operate, but include unauthorised access or loss of personal data, or other confidential information. This could lead to breaches of regulatory obligations or contract, or other disruptive attacks that result in damage to operational systems and processes.”

Gavin Lyons, chief executive of IT security service provider Accumuli, thinks threats can be traced back to one of three sources: criminal organisations which extract data from companies for financial gain; internally, from a rogue employee; or human error, where private data is mistakenly leaked.

The adoption of devices, such as tablets and smartphones, in the workplace has also left businesses more open to attack

“The trick for any company is to understand where they are vulnerable, what governance and compliance they require, and implement [it],” he says. “There are many security solutions that address different types of threats, but I think that’s part of the problem. It’s important they’re being implemented correctly, and the security of the business assessed and reported back appropriately.”

The adoption of devices, such as tablets and smartphones, in the workplace has also left businesses more open to attack.

“Employees are the weakest link in the security chain; they need to be made aware of the threats and given procedures for responding to them. There’s a real need to change IT usage cultures,” says Mr James.

With so much at stake, many large companies have invested in disaster recovery to limit any damage from an internal or external threat.

John Dryden, chief technical officer at IT support company IT Lab, says business continuity and disaster recovery have undergone significant changes over the past few years.

“The huge growth in virtualisation and the advent of the cloud have made them [contingency plans] much more affordable,” he says. “In the past, having a disaster recovery plan often meant replicating your IT set-up almost exactly, both in terms of hardware, but more importantly cost.

“Now companies can do this on a cloud platform at a fraction of the cost. Third-party cloud platforms can allow a company to virtually replicate its infrastructure, complete with all the required levels of redundancy.”