News

October 31, 2014

Auditors issue new warnings about cyber crime

Businesses are continually playing catch up against cyber attackers, according to the latest analysis by the six largest UK audit firms.

Accountancy body the ICAEW has identified a growing gap between the capabilities of cyber attackers and the businesses that they target in its new report, Audit Insights: Cyber Security.

The six audit firms that make up the working party behind the report are BDO, Deloitte, EY, Grant Thornton, KPMG and PwC.

The report concludes that the nature of today’s business structures is making it harder for businesses to respond, while cyber attackers are becoming more agile and taking advantage of new opportunities driven by economic growth. Specific challenges include complex supply chains, the use of digital channels, data and cloud storage and mobile devices.

Richard Anning, head of ICAEW’s IT faculty, said: “Businesses are more aware of cyber risks than before and are working to mitigate threats, yet they are still falling further behind the cyber attackers.”

Businesses, he said, “need to focus their finite resources in the right places to prevent the gap from widening further, balancing investment in preventative controls with investment in new skills and solutions.”

According to the authors of the report, businesses must:

• identify business-critical data and associated risks;
• integrate cyber security into their entire strategy, treating it as a business risk rather than a technical issue;
• pay more attention to actual threats, not just prevention;
• work with industry bodies and partners to share information.

The report also suggests that policy-makers should increase support and training for smaller businesses.

Richard Anning said: “It is no longer about simply being compliant with data protection regulations. Businesses must demonstrate that they are ready to deal with cyber attacks by having a plan of action in place. The most important thing is still to get the basics right. Up to 80% of security breaches can be prevented by having basic cyber security hygiene.”

Related resources:

• Growing threat of cyber crime for SMEs NEWS
• Protect your business from a cyber attack BLOG
• Simple protection from cyber criminals BLOG