'Business interrupted: The impacts of a security breach.' by AustCyber
It’s been a notable year for security across the globe, with events such as the WannaCry ransomware and NotPetya malware highlighting the potential for security breaches to make international headlines, compounding business disruption with reputational damage.
In Europe, 70 per cent of organisations we surveyed for the Telstra Security Report 2018 experienced business interruption due to a security breach at least once over the past year.
As part of our research for the report, we spoke to more than 1,250 security professionals, who told us their number one challenge is the ability to quickly detect and effectively respond to incidents. On top of this, almost one in three of the European security professionals interviewed estimated that their organisation responded to less than 10 per cent of the incidents they experienced over the last 12 months.
This reflects the increasing difficulty in detecting sophisticated threats such as APTs, as well as the sheer volume of alerts that pose a challenge for the limited resources of security teams.
Inconsistent availability of specialist skills also hampers the ability of organisations to respond effectively to new threats. 32 per cent of respondents identified keeping staff up-to-date with the evolving security landscape as a major challenge in their organisation.
Brace for impact
As the security landscape has evolved, so have the concerns of business. Rated fourth in 2016, this year our survey found that loss of productivity is now the primary business impacting concern among European respondents in the event of a breach, reflecting the increasing prevalence of incidents. Lost productivity can be expensive. Organisations have to bear costs such as wages, rents, utilities, etc. while operations have been disrupted, and also face the potential loss of revenue, for example when buyers are not able to complete purchases online.
After loss of productivity, corruption of business data and loss of intellectual property are also top concerns, reflecting the increasing importance of data in decision making and operations. These impacts will take on a greater prominence going forward as data becomes a key competitive difference for more businesses.
The coming year will likely also see heightened risk of reputational damage in light of the general public’s growing concern with data privacy and the mandatory breach reporting introduced via the Notifiable Data Breaches (NBD) scheme and the EU’s General Data Protection Regulation (GDPR).
In light of these potential threats to your business, it’s more important than ever before to know your data. At Telstra, we recommend the five knows of data protection as an effective baseline to understand your position.
The five knows are:
- Know the value of your data.
- Know who has access to your data.
- Know where your data is stored.
- Know who is protecting your data.
- Know how well your data is protected.
Download the Telstra Security Report 2018 now to find out how to better defend your organisation against threats, so you can focus on your business.