Businesses of all kinds can't ignore growing threat of cybercrime: Richard Hilton

In a world that is being driven by emerging artificial intelligence (AI) technology, the challenges a company now faces are not only visible ones like interest rates, inflation, energy and the cost of living, but also cyber-attacks and ransomware.

Cybersecurity is now a multi-million-pound industry, with 69 per cent of surveyed IT decision-makers saying that they have seen, or will see, their cybersecurity budgets increase by between 10 and 100 per cent in 2024.

Key insights from the National Cyber Security Centre (NCSC) show that AI is poised to amplify cyber threats, increasing both their volume and impact.

All types of threat actors, from state to non-state, are leveraging AI to varying degrees, with AI enhancing reconnaissance and social engineering tactics and making them more effective.

Richard Hilton shares his expert insight.

While sophisticated AI-driven cyber operations are on the horizon, they’re currently limited to well-resourced actors. UK businesses faced a 32 per cent cyber-attack or breach rate in 2023, with medium-sized companies bearing the brunt.

The financial ramifications are staggering, with reported losses exceeding £736 million and attacks occurring as frequently as once a week for 31 per cent of businesses. Cybercrime Magazine reports that 60 per cent of small companies close within six months of being hacked.

Sometimes there seems to be a disconnect at the exec level in the actual understanding of how today’s businesses run.

Non-digital-native businesses have for a long time seen Information Technology as a peripheral department (pun intended), non-core and, most importantly, a cost centre that does not contribute to a business’s bottom line.

When I say conventional businesses, I mean businesses that, across the managerial level, still emphasise a reliance on heavily established, often manual processes, as opposed to those that embrace technology as integral to their business model and operations.

The easiest way to reconcile these beliefs is to start with two simple questions. If we turned off the IT systems right now, how long would your business be able to operate?

And if the only point of recovery was a restoration of a backup, how far back could you go before the business becomes unviable?

Unviable here means effectively unable to recover, not only from the operational costs of the loss but also from the loss of data that would need to be re-keyed to bring the business back to the present day. That is without taking the loss of reputation into account.

Understanding the catastrophic operational outage of your IT systems that a ransomware or malware attack would cause is where you should start if you want to quantify the costs of the measures you should put in place to ensure the survival of your business.

Spend according to the level of loss you could incur.

Generally, attacks are not instigated at the point of infiltration. Skilled attackers will leave the malware in place for a number of weeks or months.

Hence, when you start the recovery process, the malware is embedded in your backups. It’s also worth highlighting that the company being hacked might not be the end target; it could be the company's client base that the attackers are targeting and want access to.

Each company has to determine the impact of the risks posed to it and plan accordingly. Your policies and capabilities need to match your business objective, and every company should have a recovery process.

Cyber-crime will only continue to increase, and we all have to do our best to mitigate its impacts.

Richard Hilton is Head of Private Sector Strategy & Development at Claritas Solutions
