The British Chambers of Commerce (BCC) announced that ‘One in five’ British businesses had been hacked by cyber criminals over the past year, according to their latest survey. IT security experts from FireMon and Veracode commented below.
Paul Calatayud, Chief Technology Officer at FireMon:
“When reflecting on the statistic that one of five British business have been hacked by cyber criminals, I immediately think to myself: this is only the tip of the iceberg. As a cyber defender my entire career, this static only tells me part of the story given that half of those that were surveyed and responded with the belief they were not hacked simply are not aware that they may have been hacked. This can be supported a number of ways, but one alarming statistic is that the average hack usually is not detected for longer than 209 days.
British businesses need to realise there is an entire global cyber criminal economy that out-earns the illegal drug industry in terms of revenue. And as such, cyber programs need to wake up and adapt into a detect and response approach that places equal investments in prevention as it does detection of hackers.”
Paul Farrington, Manager, EMEA Solution Architects at Veracode:
“As we edge ever closer to new, more robust data protection legislation – such as the GDPR – businesses must take a more proactive approach to safeguarding valuable and sensitive information, such as customer data.
“With the single biggest source of data loss resulting from application vulnerabilities last year, IT leaders must place an emphasis on discovering and plugging any gaps that may exist today. Following a breach, we all know it isn’t just data a company loses, and no longer can firms continue the ‘it won’t happen to us’ approach. If hackers are the only ones searching for vulnerabilities across an organisation’s digital ecosystem, it is clear who will find them first.
“Tackling this problem will therefore require a complete shift in terms of how applications are developed, built and maintained, with developers who drive innovation working hand-in-hand with those designed to safeguard data. Only by implementing this change can organisations future-proof themselves against the growing threat of a cyberattack.”