The former head of the United Kingdom’s security and intelligence agency has called for urgency in the way that Middle East organisations prepare for cyber-attacks.
Sir Iain Lobban, former head of the UK’s Government Communications Headquarters (GCHQ), said that organisations who fail to prepare for and evaluate the potential impact of cybercrime will be left brutally exposed.
“We hear weekly, if not daily, about cyber events in all sectors, with sometimes devastating impact,” he said. “These include breaches of confidential knowledge, awkward exposures of confidential information, as well as breaches that cause damage to government, firms and society. All too often, those events may have been avoidable or at least mitigated.
“Organisations need to be continually reassessing their cyber resilience as risk continues to grow exponentially. It feels as if there is a creeping inevitability not simply of exposure to new kinds of cyber-attack but, for many, to being attacked successfully.”
Sir Ian also highlighted the need for cybersecurity to be controlled by senior management members, given its current criticality.
“Organisations need to anticipate and prepare for a range of cyber risks. Ownership of the issue needs to be at board level with directors ensuring they understand the threat, potential impact – including the financial impact – and have a planned response. They should see cybersecurity risk management as a core part of governance.”
He also drew on research conducted by Marsh and Microsoft which revealed that the majority of organisations are yet to measure the potential financial impact of a successful cyber breach. “By having a discussion around insurance, including assessing potential exposures and making decisions about what kind of insurance coverage they need, firms will understand the financial aspects of cyber risk more clearly,” he said.
“Firms need to see cybersecurity not just as a matter of compliance but an issue that is embedded enterprise-wide issue and part of culture of the organisation.
“Ultimately, diligent cybersecurity underpins many of the characteristics of top quality organisations around the globe. Against an asymmetric and growing threat, the time for all organisations to raise their game on cyber preparedness is now.”