Businesses urged to follow banks' lead on cyber security

Cyber crime is on the rise

The banks can teach other organisations a thing or two about dealing with cyber attacks, according Malaysian cyber security expert Nazhalina Dato’ Nazri, who was speaking at the annual Business Continuity Management (BCM) conference, in Hammersmith, London, yesterday.

He explained that "scenario testing", something the financial sector does regularly, is essential to preventing cyber attacks and should be made general practice in other industries too.

Scenario testing is a form of risk assessment, where businesses try to get an understanding of the threats they face at any given time; the damage these could cause; and how capable their security solutions are of mitigating these threats.

“Other industries need to pay attention and realise what could be lost by not doing [scenario testing],” she said.

When the conference audience, comprising more than 100 business continuity managers, was asked whether they look at cyber security when they are scenario testing, only four raised their hands.

Siobhan Austin, information risk analyst for Insight Investment, who was also speaking at the event, said: “As an investment firm, we run penetration and scenario tests at least twice a year to see if unwanted users could gain access to our internal and external websites, and what would happen if they did.

“When I speak to people in similar positions to myself, within other industries, this doesn’t seem to be a priority for them,” she added.

“All firms, even those not dealing directly with finances, should prepare themselves for the damage a cyber attack can cause.”

Dato’ Nazri said her research suggests that 80 per cent of companies believe cyber attacks will increase in the future, with the companies particularly concerned about damage to their reputation and brand.

“Cyber attacks are here to stay, and security is everybody’s responsibility,” concluded Dato’ Nazri.