Wednesday, August 23, 2017

Critical condition

The report of the week

The TV fiction known as Urgency was a milestone in the 90´s. The fiction created  by Michael Criton not only was known for making George Clooney famous, but over the years it was the reference for a typology of TV Shows That still stands to this day: House, Grey´s Anatomy, Central Hospital... A recurrent scene in these medical histories is when the a wounded arrives through the emergencies corridor and the duty doctor undergoes a medical check of the victim elaborating an assessment and  predicting what the patient´s destiny would be. 

Just this week the government of UK made a "report about the health of cybersecurity". After checking the results, it seems that the executives should follow better the cybernetic doctors recommendations because we are in a critical condition.  

One of ten companies belonging to FTSE 350, the 350 biggest companies traded in the traded in the London Stock Market index, works without any response plan against a cyberattack, which is distressing because one on three management boards gets complete information about the cybernetic risks on the network. 

In truth, there have been advances in some areas when compared with the last health check. Now, more than half of the companies are aware about this kind of risks (53% against the 33% recorded last year) and they have a real and clear perception of the impact of a cyberattack (57% against 49%).

Robin Wilkinson, corporate security specialist at GNU/Linux Smoothwall explains: "Having some of the brightest business minds in your organization may translate to short-term wins now, but the high-profile directors without any basic training on how to deal with cyber attacks could send a company’s stock falling in the future. ".

In addition, Wilkinson says: "With no immediate threat of another financial crisis, the main threat to SMEs and large businesses now presents itself in the form of a cyber attack that could cripple databases, steal sensitive information and extract money. Companies ought to be aware of how to deal with such an incident should it occur, putting in the necessary training from high-level director right down to intern – this is important when you consider that the majority of cyber incidents occur through human error": 

This research was picked up by the flagship publication Help Net Security, which also accounts an interesting research about the cybersecurity on charitable companies. One of the initial conclusions of the report was that this kind of organizations are as vulnerable to a cyberattack as other business are. The problem arises in that a big portion of their personnel is not formed in security matters, so there is a big difference of preparation and awareness in the different companies. 

When charitable organizations realize the importance of cybersecurity uses to come when they store personal data of their donors or their services users, or when the have experienced staff. Matt Walmsey, director of the Artificial Intelligence company Vectra exposes: "“Charities must remember that, in addition to the social good they strive towards, they also have a duty of care to protect the personal information of their donors

Furthermore, Mat Walmsey points: "Charities will not be spared from new data protection rules under GDPR, and some may be unable to weather the storm should they fail to meet their obligations. Strong data management, security policies and investment in the latest threat detection and response technologies must be top of the agenda".

With a so disturbing report and the imminent introduction of a new data protection law, the best advice we can give to FTSE 350 companies is that, please, if they want to have an iron constitution, they should take care, follow their doctors advices and be aware of the contaminating agents in the cyberworld. 


Post a Comment