10 Steps to Cyber Resilience - CESG

The 10 steps to Cyber Security discusses how cyber security is now one of the biggest challenges economy. Produced jointly by GCHQ, BIS and CPNI it offers guidance for business on how to make the UK’s networks more resilient and protect key information assets against cyber threats. 
If your organizations hasn't taken steps to protect itself your IT systems may already be compromised with your intellect property compromised and your security breached. This is happening every day to not just one or two, but thousands and you should be asking yourself the question "Are we confident that we are secure?".
It need not be difficult or expensive, roughly 80% of all attacks would be defeated by embedding basic information security practices into your operations. 
This report provides an excellent primer on the Risks and measures that can defeat most attacks and focuses on key points of risk management and corporate governance including some case studies based on real events. 

Fighting economic crime in the Financial Services Sector (PWC)

Cybercrime is a growing threat in a world where most individuals and organisations rely upon the Internet and connected technologies, opening themselves up to the risk of attack from global criminals from anywhere in the world. Against a background of rising incidents of data losses and theft, pharming, phishing, computer viruses and hacking, this PWC survey scrutinised the significance and impact of this type of economic crime and the way in which it affects organisations worldwide.

Whilst cybercrime isn’t that new for the FS sector, it is a particularly prevalent issue for FS respondents in comparison to other industry sectors and one that puts its customers, brand and reputation at significant risk. Regulators are increasingly viewing cybercrime as a key area of focus. FS organisations are expected to have appropriate systems and controls in place to fight the growing threat of cybercrime. For example, in the UK the Financial Services Authority (“FSA”) has included “Data Security” within its top economic crime risks for some time. 

Impact of Cybercrime on Business (international)

Sponsored by Check Point Software Technologies this independently developed study by the Ponemon Institute shows that  Cyber criminals today are increasingly leveraging malware, bots and other forms of sophisticated threats to attack organizations for various reasons, including financial gain, business disruption or political agendas. In many cases, cybercriminals often target multiple sites and organizations to increase the likelihood of an attack’s initial success and viral spread.

With new variants of malware being generated on a daily basis, many companies struggle to fight these threats separately and the majority of attacks are often left undetected or unreported.

Cost of Cyber Crime Study (2011)

This is the third Cost of Cyber Crime study from the Ponemon Institute, sponsored by HP Enterprise Security. This years study has a distinctly international flavour with nearly 200 organizations across various industry sectors being represented. Cyber attacks generally refer to criminal activity conducted via the Internet.

The attacks featured include stealing an organization’s intellectual property, confiscating online bank accounts, creating and distributing viruses on other computers, posting confidential business information on the Internet and disrupting a country’s critical national infrastructure. Consistent with the previous two studies, the loss or misuse of information is the most significant consequence of a cyber attack. Based on these findings, organizations need to be more vigilant in protecting their most sensitive and confidential information.

Cost of data Breach Study (2011)

This Ponemon Institute study examines the costs incurred by 36 UK companies in 11 different industry sectors after those companies experienced the loss or theft of protected personal data and then had to notify breach victims as required by law. Results were not hypothetical responses; they represent real cost estimates for activities resulting from actual data loss incidents.

The number of breached records per incident this year ranged from approximately 3,500 records to more than 78,000 records.

In this the the fifth annual benchmark study concerning the cost of data breach incidents for UK-based companies and which was supported by Symantec, the average per capita cost of a data breach has increased from £71 to £79.

Cybercrime - its consequences & how to protect yourself

Price Waterhouse Cooper’s (PWC) 2011 report into security breaches noted that 93% of large organisations and 76% of small business have had a security breach in 2011, this is up from 35% of companies overall in 2008.* PWC advised in their report that the average cost to a small business is £15,000 – £20,000 and between £110,000 – £250,000 for a large organisation.

In this White Paper the Oval Group shares its view on the cybercrime challenges facing organizations and how an integrated approach to security management can lever significant insurance protection.