Businesses need to make cyber security a board level issue, according to a visiting expert, with malicious ransomware attacks in the last 12 months increasing tenfold.
David Ferbrache OBE is in the Channel Islands to discuss the risks posed by cyber crime as part of Mourant's annual Trust Forums in Guernsey and Jersey.
Mr Ferbrache, who advises firms globally on cyber security, discussed how cyber criminals operate, the way they exploit businesses and their data, and what firms can do to guard against cyber crime.
In an interview with Express, he said cyber threats have become more potent during the pandemic. This was partly due to increased remote working, while some criminals have played on people's covid-related fears. Mr Ferbrache stressed that the threats can no longer be treated as just "an IT issue"
"Globally, cyber crime costs businesses one trillion dollars a year. There has been a seven to ten fold increase in the last 12 months. It is getting very well automated and [cyber criminals] are getting a lot savvier at how they run these attacks for maximum exploitation."
The pandemic has presented new openings for hackers and the designers of malicious ransomware, who, in some of the worst cases, will get into business systems undetected, collect essential information and data, encrypt it, and then use it to blackmail the owners.
Pictured: New cyber security rules for Guernsey businesses came into force this year and can be found HERE.
He continued: "Trans-national organised crime is really hard to prosecute. The FBI has been able to extradite some cyber criminals but it doesn’t happen a lot.
"Most of the focus is on security, how you can disrupt their infrastructure and what you can do to stop them quickly and shut them down."
He gave five general points that will help individuals and business to identify glaring weaknesses and to start addressing them:
System security – make sure you have anti-virus software and are thinking about the passwords you are using, especially when protecting sensitive information;
Education and awareness - a lot of phishing attacks come from people accidentally clicking on a link, so it’s important to know what to look out for and how to report something if you do make a mistake;
Good governance – Any businesses that move money around need to accept that they could be targeted, as a lot of attacks are commodotised and indiscriminate;
Back-ups – you need to have back-up copies of important business data and that needs to be regularly updated;
Have a plan – It is worth going through what your business would do in the event of a malicious ransomware attack so you know what your processes are and are confident that you can execute them quickly and efficiently should the need ever arise.
Mr Ferbrache delivered a keynote speech last night at an event hosted by Mourant. The professional services firm’s International Practice Group Head, Edward Devenport, said it is an increasingly prevalent issue.
“The working world has changed dramatically over the last 18 months as we’ve all had to embrace remote working and new technology.
“Cyber criminals are taking advantage of this situation so it’s more important than ever that firms understand how to protect themselves and improve their cyber resilience.”
Pictured: Mr Ferbrache OBE is KPMG’s Global Head of Cyber Futures and Chair of the Scottish National Cyber Resilience Advisory Board.
Once your comment has been submitted, it won’t appear immediately. There is no need to submit it more than once. Comments are published at the discretion of Bailiwick Publishing, and will include your username.
There are no comments for this article.