CEOs risk being 'hung, drawn and quartered’ for cyber security breaches
Chief executives in the wealth management industry run the risk of being locked up for criminal activity if they don’t pay greater attention to the threat posed by cyber security breaches.
Graeme McGowan’s arresting address at Compeer’s annual WealthTech event on Tuesday evening (19/04/2016) told of how 40 percent of companies experienced a data breach in 2014, with data being stolen within seconds in half off all cases.
Despite this as many as 41 percent of breaches go undiscovered for months, costing companies millions of pounds and, in some cases, their business.
“No one is immune from cybercrime: no one is too big or too small,” the technical director at information security solutions provider BeCyberSure stated. “Everyone has something of value to a cyber criminal and all they need to get hold of is an email address.”
SMEs are amongst cyber criminals’ greatest targets, Mr McGowan explained, saying they provide the “backdoor” to the systems of bigger companies.
£16 million was lost in online shopping fraud in 2015 and there were 45 million attempted attacks against online retailers in the last three months.
But the risks are not limited to the retail industry. Cybercrime is predicted to cost $2.1 trillion globally and, according to Mr McGowan, the financial services and energy & utility industries stand to be worst hit.
However, while the number of cyber security incidents has grown annually over the past seven years, from under five million cases in 2009 to 60 million in 2015, firms are still lagging behind in their security standards. The results from Compeer’s WealthTech 2016 survey show that just nine percent of firms believe their IT function is ‘very well’ positioned to manage security threats. 55 percent said they were ‘well’ positioned and 36 percent thought they were ‘about average’.
Mr McGowan also warned listeners that the repercussions of data leaks and the like would extend beyond the financial.
“Regulation is changing to apportion blame. Chief executives will be hung, drawn and quartered and locked up for criminal activity if they are found to be implicated.
“Remember, you manage other people’s data and are a stepping stone to wealthy people and organisations.”
It is thought by IBM that 95 percent of cyber security breaches are the result of action by a human, either malicious or unintentional.
As such, education and training has a role to play in preventing those unintentional breaches that come about as a result of error or lack of understanding of the risks associated with seemingly benign tools such as Bluetooth, video conferencing and wireless.
“It’s all about education and training; preparation, protection and testing” said Mr McGowan. “Think about your IT staff and what they’re doing and make sure they’re doing the right thing.
“Train, train and train again and then you’ll stay in business.”