A report warns that criminals target “the weakest links”, so businesses need to change the way they perceive cyber security from every aspect to avoid getting caught in “common traps” that make them vulnerable.
According to Computer Weekly, overly complex IT architecture can damage security gaps, especially if the technology deployed has a lack of integration or is difficult to use.
The report states that businesses may make themselves vulnerable to target and insider attacks by investing in a wide range of security technologies because it makes companies “too overconfident”.
David Ferbrache, Technical Director at KPMG, said: “The business community needs to avoid knee-jerk reactions because cyber security is a journey, not a one-size-fits-all issue, so getting the basics like patching and backup matters.”
‘Business in a digital world’
“It’s important to build a security culture, raise awareness and remember that security needs to enable business, not prevent it,” added Ferbrache.
Any company that thinks all basics are covered must revisit investments, policies and question assumptions to ensure that all risks are properly understood. “It’s not until you’ve been attacked that you realise that it’s part of business in a digital world. No system is perfect, so when firms think more about cyber insurance they try and soften the blow from a more extreme attack,” says the report.
The report concludes that organisations must change how they perceive cyber security from the board down, despite issues being increasingly discussed at board level.
Written by Leah Alger