Bringing you live news and features since 2006 

George Ralph, RFA

Why cyber security should be at the top of your priority list


By George Ralph (pictured), RFA – Cyber security has never been as important as it is today. The Cyber Security Breaches Survey 2017, published recently by the Department for Culture, Media and Sport and undertaken by Ipsos Mori highlights some statistics that should make even the most jaded CIOs sit up and take notice.

Of the 1500+ businesses surveyed, 74 per cent say cyber security is a very high priority for their senior management, and 67 per cent have spent money on cyber security in some shape or form in the past year. For medium sized businesses, the number of organisations which have spent money rises to 87 per cent and for large businesses it is at 91 per cent. The biggest reason cited for this spend is to protect customer data, so say 51 per cent of respondents. But in contrast, only 33 per cent have a formal policy that covers cybersecurity risks, or documents these in a business continuity plan, audit or risk register. Only 11 per cent have a cyber security incident management plan in place. It seems like the fear of attack has induced spend, but hasn’t extended to policies and procedures that could reduce the threat of attack, or ensure attacks were dealt with more effectively.

When firms do invest in cybersecurity, many of those will formally evaluate the effectiveness of their spending, undertaking activities like monitoring levels of regulatory compliance, seeking senior management feedback and measuring staff awareness. Most cite the reasons for this being to justify future spend and to explain the impact to the board and wider staff.

There are some interesting results, for example, 19 per cent say that they are worried about their suppliers’ cyber security, but only 13 per cent require suppliers to adhere to specific cyber security standards or best practice. Again, the fears don’t seem to be translating into appropriate policies and procedures.

The report also shows that cyber security breaches or attacks are fairly common, with 46 per cent overall identifying at least one breach or attack in the past year. This rose to 66 per cent and 68 per cent for medium and large firms respectively.

The most common type of attack or breach came from staff receiving a fraudulent email, followed by viruses, spyware and malware, the identity fraud and ransomware.

It’s clear that technology alone can’t eradicate cybercrime and that with most attacks coming via staff, and being facilitated by human behaviour, some robust policies and procedures are needed.

What’s really interesting is that without investing much more in technology, many organisations could prepare themselves better for cyber attack simply by making some changes to the way staff work, and by infiltrating the organisation’s culture with one of cyber security awareness. There are templates and guides available for organisations which want to implement a written Incident Response Plan, plus sample cybersecurity policies, which can easily be replicated. Then it’s just a case of embedding new behaviours into employee culture with regular training. In this survey, 20 per cent of businesses had staff attending internal or external cyber security training in the last 12 months. Put another way, that’s 80 per cent of businesses that didn’t, which is worrying.

Latest News

US ETF issuers of active ETFs are facing an increase in fees from the big custodian firms, such as Charles..
ETF data consultant ETFGI reports that assets invested in the global ETF industry reached a new record of USD12.71 trillion..
Calastone has published an ETF white paper which examines several of the processes that take place across the lifecycle of..
Adapting product lines to fit into changing methodologies and meet shifting demand is essential to remaining relevant in the industry..

Related Articles

Taylor Krystkowiak, Themes ETFs
Themes ETFs opened its doors in December 2023, with an introductory suite of 11 ETFs – seven thematic and four...
Konrad Sippel, Solactive
At the end of March, financial index specialist, Solactive, published its 2024 annual report on future trends.  ...
Lorraine Sereyjol-Garros, BNP Paribas
Following changes to the French Monetary and Financial Code and of the French market authority AMF’s General Regulation, it is...
Ed Rosenberg, Texas Capital
Texas Capital Bank first opened its doors back in December 1998 and nowadays offers wealth-management services, as well as commercial,...
Subscribe to the ETF Express newsletter

Subscribe for access to our weekly newsletter, newsletter archive, updates on the site and exclusive email content.

Marketing by