According to insurance broker Lockton - which polled 200 chief financial officers, chief risk officers and chief information officers as well as directors of risk and general legal counsel – only 2% of UK businesses think a breach will affect them for more than 10 days.
Peter Erceg, senior vice president of global cyber and technology at Lockton, said: “The fact that so few businesses are aware of the aftershocks caused by a cyber attack is concerning.
“It can take several months, if not years, to become entirely operational again after a large-scale breach – and for some firms a full recovery may be bridge too far. UK businesses are currently unprepared for the seismic waves that can decimate an organisation caught unaware.”
The survey also found that 63% of businesses recognised reputational damage as an impact of a cyber attack, while more than a quarter (26%) of respondents said the head of PR and communications would be involved in cyber breach scenario planning, while just 42% include PR in their response protocol for a loss of third-party data.
The report also found that only 52% take into account loss of customers as a potential cost when calculating the possible business impact of a cyber breach. Meanwhile only 33% factored in forensic investigation or reviewing policies (36%) or regulatory fines (46%).
In addition, the report found that just 50% of businesses involved their boards at all in cyber security planning, compared to 96% who involve the head of IT.
Erceg noted: “Effective cyber breach planning must involve stakeholders from across the business. This is no longer the purview of a few IT specialists. The shock waves of a cyber attack are too damaging and too prevalent for businesses to not make it one of the biggest risks they face.
“Companies need to shift from a reactive to proactive approach to avoid and manage a cyber attack. Today, we should all be considering when, not if an attack will happen and protect ourselves from the risk.”
Thank you for your input
Thank you for your feedback
DataIQ is a trading name of IQ Data Group Limited
10 York Road, London, SE1 7ND
Phone: +44 020 3821 5665
Registered in England: 9900834
Copyright © IQ Data Group Limited 2024