A new BT and KPMG report has revealed that the vast majority of companies feel constrained by regulation, available resources and a dependence on third parties when responding to cyber-attacks. Only a fifth of IT decision-makers in large multinational corporations are confident that their organisation is fully prepared against the threat of cybercriminals.
The report, ‘Taking the Offensive – Working together to disrupt digital crime’ finds that, while 94 per cent of IT decision makers are aware that criminal entrepreneurs are blackmailing and bribing employees to gain access to organisations, roughly half (47 per cent) admit that they don’t have a strategy in place to prevent it.
The report also finds that 97 per cent of respondents experienced a cyber-attack, with half of them reporting an increase in the last two years. At the same time, 91 per cent of respondents believe they face obstacles in defending against digital attack, with many citing regulatory obstacles, and 44 per cent being concerned about the dependence on third parties for aspects of their response.
Mark Hughes, CEO, BT Security, said: “The industry is now in an arms race with professional criminal gangs and state entities with sophisticated tradecraft. The twenty-first century cybercriminal is a ruthless and efficient entrepreneur, supported by a highly developed and rapidly evolving black market.”
He added, “With cybercrime continuing to escalate, a new approach to digital risk is needed – and that means putting yourself in the shoes of attackers. Businesses need to not only defend against cyber-attacks, but also disrupt the criminal organisations that launch those attacks. They should certainly work closer with law enforcement as well as partners in the cyber security marketplace.”
Paul Taylor, UK Head of Cyber Security, KPMG, said: “It’s time to think differently about cyber risk – ditching the talk of hackers – and recognising that our businesses are being targeted by ruthless criminal entrepreneurs with business plans and extensive resources – intent on fraud, extortion or theft of hard won intellectual property.”
BT and KPMG are now engaging with large organisations around the world to debate the learning points of their joint research and advise on the changes that need to be undertaken.