UK spy chief warns of global cyber threat as NatWest reels from major glitch

According to various press reports Mr Evans said that thousands of hackers in underground cybercrime networks are targeting businesses, universities and government data.

On top of this, government-sponsored cyber-spying is widespread and China is the main culprit, ABC news reported earlier this week.

“Vulnerabilities in the internet are being exploited aggressively, not just by criminals, also by states,” said Mr Evans, according to the Financial Times.

hide

“What is at stake is not just our government secrets, but also the safety and security of our infrastructure, the intellectual property that underpins our future prosperity and the commercially sensitive information that is the life-blood of our companies,” Mr Evans is reported as saying.

Zurich Insurance responded to Mr Evans’s comments by stating it agrees that the cyber threat is one of the biggest risks currently facing UK plc.

It said that organisations are increasingly reliant on the internet to deliver services but there remains a ‘very limited’ understanding of the associated risks. 



“Cyber attacks are a daily occurrence and the risk ranges from the small but widespread type such as hacking of email accounts through to the potential of something very serious such as a major attack locking up banks with a very sophisticated virus,” stated the insurer. 



“For governments, societies and businesses, it has become difficult to understand its complexity, and systems that we thought mitigate risk may actually be concentrating risk. Unravelling this complexity should be at the centre of policies to improve global cyber security, making investment into the exploration of digital vulnerabilities vital,” Zurich continued. 



William Beer, a Director in PwC’s Information and Cyber Security Practice said: “These comments will help raise awareness at the senior executive level of the likelihood and potential damages of cyber attacks. Businesses should be operating under the presumption that an attack is likely and be ready to respond. By building resilience into their incident response and crisis management capabilities, businesses can make themselves much better prepared in the event of an attack and minimise the potential fallout.”


“Cyber security is not only a technical issue, but a core business imperative. Faced with attackers who move quickly and unpredictably, organisations also need to be able to act and respond quickly and flexibly. Being prepared for a cyber attack is not just about having a good IT policy but good governance across the business. When attacked, businesses need to be able to rely on well thought through plans and respond assertively,” he added.

Meanwhile UK bank NatWest is reeling from a serious computer glitch that prevented up to 12 million people paying their bills and transferring money.

Commenting on the problem, Jeremy Smith, leader of the FINEX Global International Technology, Media and Telecom Practice at broker Willis, said: “The recent NatWest computer glitch highlights yet again how dependent organisations are on their IT infrastructure and how vulnerable we all are when these systems crash.”

Mr Smith said that the cause of the glitch was reportedly a routine software upgrade.

“Unfortunately, software failures, like data breaches, are very hard to protect against. Even the most tested software can fail and even the highest level of training cannot completely cut out human error.”

The broker added, however, that there are a number of things organisations and their risk managers can do to reduce the possibility of such incidents occuring.

“Although the majority of risk mangers will not be IT experts they can utilise their skills in other areas such as contractual indemnities to alleviate such exposures. Almost all firms outsource their IT and data hosting services to third parties and therefore when evaluating which provider to go for companies should not only ensure that the IT solution is fit for purpose but also check what level of indemnification they are providing for losses. In the event that your business suffers a major software failure or security breach you need to ensure you can recover as much as possible in contract with your IT/hosting provider,” he said.

Mr Smith added that, above such action, insurance cover is also available and is becoming broader in coverage terms.

“Cyber insurance products have now been around for over a decade and have come a long way in terms of the breadth of cover offered. Typically the policies cover you for the costs for data breaches and your loss of revenue due to network/software failures. However, policies have now developed to cover key IT providers and also acts of cyber terrorism, which were historically excluded. It is important that you work with a specialist cyber broker to ensure that your policy is properly tailored to your needs,” he said.

Back to top button