The Business Case for Cyber Security

By Julian David

The question is not if a company will face a cyber attack, but when.

The UK is the most cyber-attacked country in Europe and the second-most assailed in the world, with attacks up 40 percent in 2014, according to Symantec. Despite these figures, and an increasing reliance on the internet to conduct business, security still does not get the level of attention it deserves. Whether due to the misperception of cyber-security as merely a function of the IT department, or the myth that a business is too small a target for a cyber-attack, many organisations lack a unified and coherent cyber-security strategy.

Cyber-security remains a reactive action for far too many companies, despite the high chance of being attacked. For far too long, cyber-security has been spoken about in negative terms, instantly scaring many senior executives into taking rash action without a comprehensive understanding of the different cyber-security risks and how they affect their company. 

Instead, cyber-security should be seen as a business enabler. By seeing the information security of an organisation as a business problem, and not just an IT problem, senior executives can devote the same level of attention to cyber-security as they do conventional business risks. Just like other business problems, ineffective cyber-security can affect a company’s reputation, consumer confidence and, ultimately, share price and profits. 

Recent research from by Equinix found that that 7 out 10 companies in the UK do not feel prepared against cyber-attacks. Businesses, especially SMEs, must accept that cyber-security precautions are an inherent part of doing business in today’s digital world and prepare themselves accordingly.

Our research shows that the most common vulnerabilities are ones we’ve known about for a long time and can be easily overcome. Things like passwords and basic security protocols that are unfortunately often neglected, making companies an easy target for attack. As all businesses across the UK become ever more reliant on web-based tools this mind-set must change. 

To help businesses and citizens in Europe stay safe online, we need to have people with the right skills available to the Europe’s fast growing and innovative cyber security sector. At present, Cyber security is one of the areas that suffers most from the skills gap.

We need to make sure that children are being taught about cyber security, and that we attract a wide range of young people to study and take up careers in this area. In November, UK Chancellor George Osborne announced a bold range of measures to enhance the UK's cyber security, setting aside £1.9bn to deliver a series of initiatives to protect the economy and infrastructure, grow cyber companies, and deter adversaries.

Last month saw the launch of one of the key initiatives, a National Cyber Security Centre, which will bring together the UK's leading cyber experts to help ensure that the people, public and private sector organisations and the critical national infrastructure of the UK are safer online.