Data defence: from data breaches to industrial espionage, cybercrime can take on many forms. Neil Hodge tracks the recent growth in cyber attacks and highlights the role CFOs can play in protecting their organisations.
| Position | Business |
Cyber security issues now feature in the list of the top five risks to watch, almost on a par with greenhouse gas emissions and ahead of water supply crises, according to the World Economic Forum "Global Risks 2012" report. Cybercrime also now ranks as one of the top four economic crimes, after asset misappropriation, accounting fraud, and bribery and corruption, according to PwC's "Global Economic Crime Survey", which was published last November.
While it is difficult to determine the actual financial impact of a cyber attack on an organisation (the vast majority do not disclose such details and are not compelled to do so in most countries), the reputational damage can be calamitous. For example, in April 2011 electronics company Sony admitted that the personal data of more than 100 million customers had been breached, prompting compensation claims and lawsuits. Hacker group LulzSec targeted the company just two months later, purely to show how vulnerable it still was to "simple attacks".
And although organisations may be investing in the latest IT to protect themselves, their customers' details can still be at risk if third-party contractors have vulnerable systems. Last April saw marketing firm Epsilon suffer a breach of its extensive database, which contained the names and emails of customers at high-profile partners such as hotel group Marriott, fashion group Lacoste, retailer Marks & Spencer and financial groups JP Morgan Chase, Barclays, Citibank and Capital One.
Epsilon initially downplayed the breach, but its partners could not. They began issuing warnings to millions of their customers, cautioning them to be on the lookout for subsequent spam and phishing. Reuters put a $100m price tag on the incident, which falls directly on Alliance Data Systems, Epsilon's parent company.
All organisations are potentially at risk from cyber attacks. Verizon's 2011 "Data Breach Investigations" report found that the hospitality and retail sectors suffered the most breaches (40 percent, and 25 per cent of total breaches), possibly because they are deemed soft targets and are less likely to seek prosecutions compared to banks or government agencies. Financial services followed in third place (22 per cent). Government came fourth, accounting for four per cent of breaches. But experts believe that financial services firms are among the most likely to be attacked because they hold such valuable customer information.
Cyber attacks can take many forms. Perhaps the most serious cyber threats for organisations are "advanced persistent threats"...
To continue reading
Request your trialCOPYRIGHT GALE, Cengage Learning. All rights reserved.
