Geopolitical tensions make security measures essential for UK businesses
Geopolitical tensions are rising around the world and global economic structures continue to evolve accordingly. Political disruption and unrest can have a huge impact on the rest of the world. This impact can be seen most clearly in the ripple effects that the current war between Ukraine and Russia has had on the rest of the world in terms of economic volatility, food insecurity and dramatic price increases.
Businesses are, of course, hyper-focused on ensuring their resilience in the face of geopolitical risk, fragmentation and uncertainty, which McKinsey’s latest economic conditions outlook is high on the agenda for companies. CEO. But if businesses are to maintain their resilience during this disruptive time, organizations will need to prioritize their security.
Cybersecurity is already a top concern for organizations, as data breaches and cyberattacks are on the irrefutable increase and hackers are becoming more sophisticated and persistent. Yet growing geopolitical tensions also introduce an increased risk of state-sanctioned cyberattacks that affect both public and private organizations.
Cybersecurity has become a key part of nations’ arsenals during geopolitical conflicts in order to exploit information, destabilize and gain a foothold in targeted nation states. While you might think that government and public institutions would be the most obvious, and only, targets of state-sanctioned cyberattacks, that’s not true. In fact, the United States, Australia, Canada, New Zealand and the United Kingdom have issued a joint cybersecurity council earlier in the year, warning organizations that Russia’s invasion could expose organizations inside and outside the region to increased malicious cyber activity. According GartnerCoordinated cyberattacks have emerged as part of Russia’s offensive since its invasion of Ukraine began earlier this year, affecting organizations around the world.
Organizations within countries that are part of a country or nation that has been embroiled in geopolitical tensions, imposed sanctions, or provided support to it are the most vulnerable to retaliatory cyberattacks that seek to cripple financial and other critical infrastructure. With the increased sanctions the UK has imposed on Russia following its invasion of Ukraine, organizations in the country should be on heightened alert when it comes to securing and protecting their most critical assets.
Essentially, if organizations do not step up their cybersecurity efforts, they will be left unprotected and exposed to both cybercriminals and everyday cyber threats.
The cost of a cybersecurity breach
In today’s digital age, data and information have become one of our most valuable assets. As businesses continue to digitally transform and adopt new and emerging technologies into their organizations to better use and manage their valuable data, they are also introducing new vulnerabilities that malicious actors can take advantage of.
The impact of a security breach can be immense. A leak of customer data can erode trust and scare off new businesses, while the loss of business-critical data can cost businesses in terms of time, money and possible legal implications that can be extremely damaging. .
According IBM report on the cost of a data breach in 2022, the average total cost of a data breach is US$4.35 million, while the average cost of a critical infrastructure data breach is US$4.82 million. Additionally, 60% of organizations’ breaches resulted in a price increase that was passed on to their customers.
Protecting business-critical applications is vital
To prevent the risks and impact of a cyberattack, organizations in the UK need to review their current cybersecurity environment, particularly with regard to their critical applications which are often overlooked.
Business-critical applications are a very attractive target for cybercriminals because they are essential to day-to-day operations. If interfered with, this would impact business continuity and contain sensitive data which, if stolen or made inaccessible, could have devastating consequences not only for the company itself, but also for its customers. , suppliers and partners.
As such, organizations must be able to not only quickly detect and respond to threats, but also identify and mitigate vulnerabilities to ensure the protection of critical business data. By adopting technologies that enable unified threat, risk, and compliance management across the organization, organizations will be able to take a proactive rather than a reactive approach to cybersecurity.
It could also help ease the pressures of lack of cybersecurity skills on organizations. IBM’s report observes that approximately 62% of organizations’ security teams are currently understaffed and therefore ill-equipped to deal with evolving and more frequent cyberattacks. In addition, cybercrime is expected to triple the number of open cybersecurity positions in the next five years, and every IT position also expected to be a cybersecurity position, this poses a huge challenge in terms of being able to deal with the growing risk of cyber threats. . .
Put systems and processes in place to prevent a breach
Organizations should also consider developing and implementing comprehensive cybersecurity programs beyond cybersecurity technology that outline guidelines and best practices for employees to follow. This includes implementing standards and processes that will enable businesses to assess, prepare for, and mitigate these cybersecurity risks.
Cybersecurity awareness at all levels of an organization is also essential to help combat cyber threats, as any organization’s greatest security vulnerability is people. In fact, IBM’s report notes that 19% of breaches were caused by stolen or compromised credentials. The most common ways cybercriminals can gain access to systems are through phishing scams as well as malware and ransomware that are transferred to systems by methods that appear “non-threatening”, such as what the key might look like. Employee’s lost USB. To avoid these vulnerabilities, organizations must educate and train all employees to recognize potential risks and threats while teaching them the guidelines and processes that let them know what to do once they identify them. .
Making cybersecurity a collective responsibility shared by all, in addition to integrating robust cybersecurity solutions, will be key to keeping organizations across the UK safe and secure.
JP Perez-Etchegoyen is technical director of Onapsis.