Member Article

Sharp rise in importance of cyber security, amid geopolitical uncertainty

UK businesses are less prepared for the threat of cyber-crime than in previous years, according to accountancy and business advisory firm, BDO LLP.

The firm’s Global Risk Landscape 2022 report has shown that companies feel almost twice as unprepared for the impact of cyber security threats this year, with 22% of businesses ranking it as their number one priority, the highest score of any risk. This represents a sharp rise, compared to 2020 (12%) and 2021 (9%).

However, the report has shown that 51% of respondents said their business has ramped up cyber security in response to the Russian invasion of Ukraine – one of the biggest issues affecting the cyber security market in 2022.

Matthew Plummer, Digital Specialist at BDO LLP in the North West, specialising in IT governance, risk management and IT strategy, commented:

“It’s very clear that cyber security has risen up the agenda for many businesses in the region, particularly given the current geopolitical climate. State-sponsored attacks are becoming more pronounced amid the invasion of Ukraine and high-profile threats in the UK are only serving to heighten the tension being felt amongst companies in the North West and throughout the country.”

In recent weeks, a number of high profile companies have reported serious cyber-attacks and security breaches.

Plummer said: “Cyber security remains a hot topic that businesses are becoming acutely aware of. While there are many different types of specific threats that are grabbing the headlines, such as Log4J and ransomware, for businesses it boils down to having a solid risk and control framework in place that protects businesses day-to-day.

“Five or ten years ago, many businesses asked, ‘why would anyone try and attack me?’. That mindset has begun to shift given the level of exposure we’re now facing. The reality is, there’s not one sector, or one type of business that’s being targeted. It can be as simple as ensuring that a business is not seen as an easy target – the house on the street without a burglar alarm – and how do they deal with those threats.”

In November 2020, the Government launched the National Cyber Force to tackle the growing problem of cyber-crime. Government-backed schemes such as the Cyber Essential Plus certification, together with other practice standards and frameworks, enable businesses to address the issue and put in place measures to reduce their exposure to cyber-attacks.

Plummer added: “Not every business will need five star, top of the range cyber security controls. However, what they do need to do is think about what is appropriate for a business of their size and complexity, and how they can demonstrate they’ve done enough to protect their data.

“The biggest challenge we’re seeing at the moment amongst North West businesses is the wider awareness in the market. Increasingly, questions are being asked by third party suppliers about a company’s preparedness against potential cyber threats and the likely exposure for those organisations outsourcing business to them. Companies of all shapes and sizes must recognise that cyber security needs to be addressed and that there is buy-in and executive level sponsorship from the very start.”

This was posted in Bdaily's Members' News section by Ian Jones .