Recent press reports have drawn attention to nation state cyber attacks on critical national infrastructure and the ability to impact safety systems has been clearly demonstrated. Meanwhile, the activities of criminal gangs continue with new ransomware variants, user credentials and data are bought and sold at remarkably low prices in the murkier corners of the web, as are on-demand Denial of Service attacks, and the prospect of regulators imposing massive fines for any breach looms ever larger. This is fuelled by the large number of organisations which nevertheless fail to engage with the threat and do not put in place proper safeguards.
The typically loose corporate thinking permitting this can be seen in the recent Radware ERT report for 2017-2018, which indicates that of the surveyed organisations, around 80% suffered an attack of some kind, 80% aren’t calculating the cost of attacks, but 25% of attacks result in loss of a customer or the customer suing. This carries through into a lack of awareness of the cost of security measures. In the recent UK government consultation on implementing the NIS Directive only 30% of responders felt able to give any indication of likely cost.
Cyber security is a blanket term that can cover a multitude of areas. EEMUA’s seminar on 19 April 2018 will examine applications to industrial facilities, and look at how plant operators can assess and reduce risks in their installations. Corporate lack of awareness is clearly a very big issue.
Further details on the EEMUA cyber security seminar can be found here.
