Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

UK Senior Management Uninformed Regarding Cyber Threats

Thales : 15 September, 2011  (Technical Article)
As the UK Government raises cybercrime to a tier one national security threat, senior managers in the UK's service industries remain largely uninformed about the risks
UK Senior Management Uninformed Regarding Cyber Threats
Board directors at some of the UK’s biggest banks, utility companies and law enforcement agencies remain “largely uninformed” about the financial and reputational risks of a cyberattack, according to new research by the think-tank Chatham House.

The report comes just ahead of publication later this week of the government’s strategy on how to combat the cyber threat. Ministers upgraded cybercrime to a so-called “tier one” national security risk in October, alongside terrorism, and set aside £650m to improve the UK’s resilience to electronic attack.

However, the Chatham House researchers, who interviewed 20 senior managers or board-level directors at organisations considered vital to the UK’s critical national infrastructure, found there was “no coherent picture” of what constitutes vulnerability to cyberattack and “no agreement on the nature and gravity of the problem”.

Although the private sector, and particular the defence industry, is considered to be at high risk of cyber intrusion, the report found that in some companies the heightened perception of online security risks had been met with “diminished resources and interest”. This is despite high-profile cyber breaches earlier this year including a Sony network outage which cost the company ?108m in lost revenue and legal fees, and attempted hacker attacks on the military supplier Lockheed Martin.

Dave Clemente, a cyber security researcher at Chatham House and one of the report’s authors, said he was surprised that the potential risks of laxity in cyber security had not made it up to board level.

“It’s not appropriate for senior managers to work in technical language or understand the IT systems but I would expect them to be aware of the reputational risks they face,” he said.

Mr Clemente added that while some sectors, such as financial services, were able to calculate financial losses from cybercrime very exactly and even account for them as budget liabilities, it was more difficult for other companies to assess the cost of stolen intellectual property.

“If you’re an energy company and someone hacks into your systems and steals a tender for a project you’re planning somewhere in west Africa, how can you calculate the costs of that?” he said.

The report did not say that companies should bear the entire burden, however, and pointed out that the government should be playing a more “integral role” in raising awareness of the issues.

One of the authors’ core recommendations was for the government to set up a “single, accessible bank of cyber security information and advice” on which organisations, enterprises, government bodies and individuals could draw.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo