Cyber security should now be considered as high a priority as other business critical risk management issues, according to a leading expert in online security.
Speaking at a series of business events organised by Danske Bank, David Crozier, head of strategic partnership and engagement at Queen’s University Belfast’s Centre for Secure Information Technologies (CSIT) told over 200 business people that a few simple measures could be all that is needed to protect Northern Ireland businesses from the significant and growing threat of cyber-attacks.
“Previously, hackers would have taken the easiest path and looked for software weaknesses. In the last few years, we have seen attacks becoming more targeted and professional in their approach, aided by machine learning and Artificial Intelligence. Today, criminals do their homework and build up well researched pictures of the people and companies they are going to attack,” said Mr Crozier.
“There is still a degree of apathy in some businesses I speak to who believe that because they are a small Northern Ireland business or charity and not a national or international company, like Talk Talk for example, that they are not of interest to hackers. That is not the case. The nature of these attacks evolves so quickly and involves a range of weapons, including spyware, ransomware and impersonation techniques. It presents a challenge that experts are having to work hard to stay on top of.”
Mr Crozier advised businesses to stop thinking of cyber security as an issue that should only concern the IT department, rather it needs to involve everyone from board level to administration staff.
“If you work out what the cost to your business would be if your systems were shut down for a day, then it will motivate you to take these threats seriously.
“You can’t stop cyber crime, but you can make it harder for criminals to target your business. We advise businesses to invest time in skills and training so that employees can recognise and identify risks. We want businesses to demand more from their security suppliers and ask for updates regularly on the measures they are taking to stay ahead. Any security product which is up to date today won’t be up to date in three years, so avoid getting caught in long term contracts.”
Paul Brown, fraud manager from Danske Bank, spoke about two common cyber security threats to businesses, Invoice Finance Fraud and CEO Fraud. He added: “Cyber crime is driven by the clever manipulation of the natural human tendency to trust. It’s critical to have checks and balances in place within your organisation to help prevent such an attack, and to review these regularly. In the event of an attack or an attempted attack, time is of the essence. We would encourage businesses to report any attacks or attempted attacks to the police and also to their bank.”
The events were part of the Danske Advantage series of events, bringing businesses experts and businesses together on a range of topics.
Share this Post