New research released by BAE Systems Applied Intelligence today reveals that the majority of UK businesses (57%) now regard the threat from cyber attacks as one of their top three business risks. The research mirrors the recent warning from the World Economic Forum, which included cyber attacks in its 5 biggest threats facing the world in 2014.(1) In the most recent research, conducted earlier this month, the majority of international respondents (58%) said that recent high profile cyber attacks on international businesses, including banks and retailers such as Target, have led to their organisation increasing its budget for cyber security.
The latest research comes as BAE Systems Applied Intelligence releases a new report, “Business and the Cyber Threat: The Rise of Digital Criminality”, based on a broader international survey (2) which details business concerns and opinion around the cyber threat. It comes in the wake of a series of high profile attacks, where criminals have used highly sophisticated cyber techniques to conduct financial crime on a massive scale. It was immediately striking that organised fraudsters capable of carrying out increasingly sophisticated attacks are viewed by 67% of respondents in the UK (and 55% overall) as being the chief threat. This suggests that predictions that cyber-enabled fraud will become the new frontline in the war against digital criminality are rapidly becoming a reality.
Faced with these challenges it was alarming to note that a significant proportion of respondents internationally (30%) have concerns about their Board’s grasp of the risk posed by targeted cyber attacks. In the UK, however, confidence in Boards’ grasp of the issue was much greater – with 65% of UK respondents believing their Board fully appreciates the business risk presented by cyber attack.
Interestingly, the research showed that businesses’ awareness of the scale and size of the cyber threat appears to be growing, and the majority of respondents are confident that their organisations are well equipped to prevent targeted attacks, with 70% of UK companies possessing crisis plans in the event of a cyber attack. However, the research also found that a large majority of businesses (90% in the UK and 84% overall) expect the number of cyber attacks to increase over the next two years.
Martin Sutherland, Managing Director, BAE Systems Applied Intelligence, said:
“What this research clearly demonstrates is that whilst businesses are increasingly aware of the threat presented by digital criminality, the ever-evolving threat landscape means that there is a real need for continued agility in dealing with these threats. Digital crime as a whole - a dangerous combination of organised groups of criminals using cyber techniques to carry out financial crime on an industrialised scale - is a major concern, particularly since the most recent wave of high-profile attacks.
“We’re starting to see genuine interest from British businesses who realise that the threat of digital criminality is something that affects their whole business and is not just an IT issue. As the number of avenues open to criminals in a hyper-connected world increases, it is more essential than ever that organisations think carefully about the actions they need to take to protect themselves and their customers as effectively as possible.”
Further key UK findings include:
- Cost: In the UK, 40% of respondents estimated a successful cyber attack would cost their organisation more than £50 million, a further 10% of UK respondents said the cost would be more than £10 million.
- Concern: when asked what they would be most concerned about in the event of a successful attack, the most common responses was loss of customer data (60% of respondents internationally), theft of intellectual property (43%) and reputational damage (35%).
- Convergence: Organised groups of fraudsters were identified by respondents internationally as the most likely group to mount targeted cyber attacks. Of those respondents who had encountered cyber-enabled fraud, 77% of UK respondents expect cyber to play a greater role in financial fraud.
- Crisis Plans: 30% of UK organisations surveyed did not have, or were unaware of, crisis plans in the event of a cyber attack on their company. Of those respondents who did have crisis plans, 60% of UK respondents thought their companies’ plans were well publicised.
- Change: Majority of respondents internationally think that new business practices such as greater use of Mobile Technologies (71% of respondents) and Critical Operating Systems (69%) represent a significant cyber risk to their organisation.
The full report can be found at: http://www.baesystems.com/ai/cyberthreat
UK PR Manager, BAE Systems Applied Intelligence:
Tel: +44 (0)20 7812 4633
Mobile: +44 (0)7833 134 432
Blue Rubicon, on behalf of BAE Systems Applied Intelligence:
Tel: +44 (0) 20 7260 2700.
Notes to editors
1. From Global Risks 2014, published by the World Economic Forum in January 2014.
2. Our report, “Business and the Cyber Threat: the rise of Digital Criminality”, is based on 511 online interviews conducted by Ipsos MORI with strategic and IT decision makers in private sector companies in the US (300), UK(110), Australia (51) and Canada (50), carried out online using a business panel in Autumn 2013. Participants were drawn from companies with a turnover in excess of £350 million (or the equivalent in local currency) from a range of business sectors including Financial Services (Banking and Insurance), Telecoms, Energy, Transportation, Technology, Engineering, Mining, Legal, Media and Pharmaceutical. Additional research conducted with 256 respondents across US, UK, Canada and Australia was conducted online in February 2014 among a comparable audience.
3. Please contact us for a copy of the full report, or visit http://www.baesystems.com/ai/cyberthreat
About BAE Systems Applied Intelligence
We deliver solutions which help our clients to protect and enhance their critical assets in the intelligence age. Our intelligent protection solutions combine large-scale data exploitation, ‘intelligence-grade’ security and complex services and solutions integration. We operate in four key domains of expertise: cyber security, financial crime, communications intelligence and digital transformation.
Leading enterprises and government departments use our solutions to protect and enhance their physical infrastructure, mission-critical systems, valuable intellectual property, corporate information, reputation and customer relationships, competitive advantage and financial success.
Applied Intelligence is part of BAE Systems, a global defence, aerospace and security company with approximately 90,000 employees worldwide. BAE Systems delivers a wide range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. For more information, please visit www.baesystems.com