How To Lower The Threat Of Cyber Security Breaches
Global professional services firm Aon plc recently released its 2019 Cyber Security Risk Report, which detailed the greatest cyber security threats and challenges that organisations currently face.
The report highlighted that, as companies continue to use technology to speed up the transfer of information, not only are game-changing business opportunities created, but so too are increased cyber risks and security breaches.
What is clear is that accessing and sharing data and using technology in general is evolving to the point where it is difficult for people to keep up. This is because cutting-edge new products by trusted market leading brands are increasingly being connected to smart technology.
In response, companies are always looking ahead to the most technologically advanced ways to become the market leader in their field. This desire to engage with customers and be at the forefront is laced with significant potential risks that are both financial and reputational, as firms leave themselves exposed and susceptible to cyber attacks.
While businesses find themselves unsupported by sufficient security measures, consumers are, in turn, left exposed to the threat of having their own personal and financial information exposed by data hackers.
As companies strive for technological progress, they need to ensure that they have the security infrastructure in place to prevent cyber security breaches. They must also implement processes that deal with any breaches quickly and ensure good business continuity practices are in operation.
It is no coincidence that, in recent years, there has been a significant upturn in the recruitment of cyber security, information security and business continuity staff across the technology risk area as a whole. This has affected a number of sectors, which include financial services, telecoms, retail and gaming.
Opportunities in the technology risk sector only look set to grow in a world where everyone and everything, from individuals through to companies and governments, are increasingly dependent on connected systems, networks and devices. Bruce Schneier, CTO for IBM’s Resilient Systems, goes so far as to rename the “Internet of Things” the “Internet of Everything” in response to how the technological world is changing.
This ethos is supported by a Government initiative, announced earlier this year by Business Secretary Greg Clark, that hopes to position the UK as a world leader in the race against some of the most damaging cyber security threats.
As part of this pledge, businesses and consumers will benefit from increased security and protections built into digital devices and online services. This is with the help of up to £70 million in Government investment through the Industrial Strategy Challenge Fund and is backed by further industry investment
A further £30 million of Government investment will aim to ensure that smart systems are safe and secure. Smart internet connected devices can include anything from operating a central heating thermostat via a smartphone, to pressing a button to unlock the front door. There are expected to be more than 420 million such devices in use across the UK within the next three years.
This initiative comes after a series of huge cyber security breaches in 2018, which included:
Facebook admitted that around 50 million users were compromised by its security breach as Mark Zuckerberg confirmed that the attackers used Facebook developer APIs for gaining information. This information comprised of names, genders and localities which were linked with any user’s profile page.
The loophole was identified in the “View As” button, which lets users visit their profile as someone from their friends or public audience. This tool allowed the hackers to get Facebook access for taking over the profiles.
British Airways faced a cybersecurity breach which affected around 380,000 transactions. This included stolen personal and financial data which remained unsafe and insecure for two weeks during the period of 21st August to 5th September when the company’s website and apps were under what was described as a ‘“sophisticated” cyber attack.
At the beginning of 2018, Google identified a vulnerability in an API. It noticed that the API for social networking platform Google+ gave third-party app developers access to personal data from the friends of the app’s users.