Irish companies have been warned that they have a higher cyber risk rate than the global average.
According to research by Aon Risk Solutions, the global average cyber risk stands at 86%, while Irish companies have an average risk factor of 92%.
Delving further, the research has shown that 72% of Irish companies are at risk of cybercrime due to third parties. This is highly significant as it has been shown that many high profile attacks have been mere way points on the way to an ultimate goal.
Aon said that nearly a quarter (22%) of Irish companies have reported a breach in the last 12 months. The company warned that Irish organisations need to focus more on effective measures to mitigate such risks.
The research was derived from data gathered through the use of the Aon Cyber Diagnostic Tool by more than 1,200 companies.
“The digital interconnectivity of business operations, suppliers and customers in today’s world has resulted in organisations being increasingly exposed to cyber-attacks,” said Sarah Stephens, head of Cyber Risk and Commercial E and O – EMEA, Aon Risk Solutions. “As the technology sector evolves and companies become more reliant on cloud computing, big data and social media the cyber risk threat continues to grow. While technical innovation is a great thing that can benefit everyone it can also be damaging if a company’s policies and procedures do not change to keep pace with the potential exposure that the use of new technology can bring to a company or an individual.”
The Aon research showed that there was a lack of engagement at board level among Irish companies, with only 22% reported as being actively engaged on the topic.
Constantin Biere, MD, Aon Centre for Innovation and Analytics in Dublin, speaking to TechPro, said that because of the level of risk involved, a shared approach among management is vital.
“I believe in management that runs by joint and shared responsibilities,” said Biere.
“A major risk like this requires a shared responsibility, which requires a minimum understanding of the level of risk. When it comes to questions of risk management, you need to have an awareness and understanding of how to approach the process. That is where, I think, the whole board or management team has a responsibility.”
“What will probably help that is that companies are becoming more and more aware of data as a valuable asset,” added Biere. “Data is becoming a driver for revenue.”
Stephens warned that the diversity of threats was also increasing, further complicating the issue of effective mitigation measures.
“The diversity of threats is increasing — from the loss of control of data through the use of outsourcing to the growing proficiency of hackers and malicious individuals to the constant risk of human error in an organisation a hit can come from one of many different places,” said Stephens. “One area where we consistently find a weakness is that companies are allowing individuals to send sensitive data to their personal devices. They are doing this without investing in the right kind of training and leave both themselves and the employee exposed. Saving a few hundred euro on training will cost in the long run if an employee treats company data incorrectly.”
Stephens said that the impact of an attack could be “massive”.
“We saw this with the Target retailer in the US earlier this year. According to public information, the credit card fraud suffered by the company resulted in the largest paid cyber insurance claim in history, and had a massive global impact. While this can compensate to a certain level for the commercial and reputational losses suffered it would clearly have been better if the company had been better protected from the outset and not exposed to the attack.”
Stephens also addressed the new data protection directives which will come into force in 2017, which will extend the scope of the EU data protection law to all companies processing data of EU residents.
“The new Directive will require new procedures from companies in the area of data protection. With the Directive less than three years away from being enacted steps need to be taken now to put the groundwork in and to ensure they are in a position to fully comply in time. Aon is currently working with large companies and organisations across Europe to help them prepare for the significant changes that are on the way,” said Stephens.
TechCentral Reporters
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers