Written by: Keith Tully
Reviewed: Wednesday 16th August, 2017
British companies are not taking the threat posed by cyber attacks as seriously as they ought to be, according to Lockton, one of the world’s leading private insurance brokers.
Lockton found some worrying tendencies among leading UK businesses recently as it analysed their relative readiness in the context of cyber security.
The insurance broker found that half of the British business leaders it surveyed on the subject said that they’d expect to be entirely operational within 48 hours of being hit by a cyber attack.
Meanwhile, only 2 per cent of the chief financial officers, risk officers and information officers polled said that an effective cyber attack might affect their operations for 10 days or more.
According to Lockton’s cyber security experts, these findings represent a significant “gulf between perception and reality” among leading UK companies.
To underline its point, the insurance broker has emphasised that the impact of cyber attacks can often still be felt years after they were first instigated and in some cases they can be impossible for businesses to recover from at all.
The firm has said that many businesses in the UK are “failing to safeguard both company and customer data by not involving the right people in cyber breach planning to begin with”.
Its view is that boards of directors, risk managers and IT teams are not currently working cohesively enough to offset the risks associated with cyber attacks as effectively as they could and should be.
Part of the problem is said to be that not enough businesses are sufficiently well-prepared to limit or counteract the reputational damage that can be done when large-scale cyber attacks take place and sensitive data is lost.
“The fact that so few businesses are aware of the aftershocks caused by a cyber attack is concerning,” said Peter Erceg, senior vice president of global cyber and technology at Lockton.
“It can take several months, if not years, to become entirely operational again after a large-scale breach – and for some firms a full recovery may be bridge too far.
“UK businesses are currently unprepared for the seismic waves that can decimate an organisation caught unaware.”