Cybercrime is a threat

and British businesses can’t afford to ignore it As I wrote here at the beginning of last December, 2015 will surely be seen as the year of the big data breach, high profile data breaches at Ashley Madison, Carphone Warehouse, Talk Talk, Hilton Hotels and J D Wetherspoon made headlines. And rightly so as the personal details of some thirteen million people were compromised in those few breaches. And while some of those breaches were conducted by sophisticated ‘cyber pirates’, others were accomplished by disaffected teenagers. Other data breaches – such as that suffered at Morrisons, which compromised the personal details of some 100,000 Morrisons Staff – was a deliberate act by an employee ‘with a grudge’. While the board of Talk Talk concede that the cost of remediating their attack at ‘no more than £35 million’ the, relatively small, Morrisons breach cost around £2 million to resolve. Anthony Hilton, writing in the London Evening Standard (here) described Cyber crime as a “threat that British businesses can’t afford to ignore”. Hilton cites a study by the Centre for Economic and Business Research that suggested that 60% of surveyed businesses were ‘confident that their security would keep an attacker at bay’, brave words when you consider a survey by PwC suggesting that ‘90% of large companies and 74% of small companies had experienced some kind of breach in the previous 12 months, and most had experienced more than one – the average was four’. The CEBR survey also suggests that 14% of companies have never had a board briefing on cyber security, and 32% have never prepared a formal risk assessment....