The most successful organisations in coming years will be those that recognise cyber resilience as a vital source of competitive advantage – but for now, cybersecurity strategy could be key to survival in a world disrupted by COVID-19.
More than
1 in 5
business leaders surveyed had lost customer information through cybersecurity incidents
Companies receive
5x
the media attention in the month following a cyber breach, and
8x
the social media coverage
Cyber attacks were already frequent before the outbreak of COVID-19. According to FTI Consulting’s Resilience Barometer™ 2020 (published in January), 20% of organisations had been victims of a ransom or data hostage situation.
Ongoing digitisation of business means cyber attacks can inflict damage right across commercial ecosystems. Of companies experiencing cyber attacks, 27% lose revenue and similar proportions lose assets or customer information. Reputational harm is another danger. FTI research indicates that on average, a company receives five times more media coverage and eight times more social media coverage in the month after a cyber breach than in normal conditions.
Despite these risks, a worrying 90% of Barometer respondents reported gaps in their organisations’ cybersecurity defences. Now, more than ever, it’s vital to address these gaps and mitigate risks in a dynamic, increasingly vulnerable world.
Resilience across the business can best be achieved through a comprehensive cyber risk mitigation strategy. This entails analysing the organisation’s unique cyber risk profile, creating and maintaining organisation-wide cybersecurity awareness, identifying critical assets, and developing and testing business continuity and incident response plans.
The strategy must be driven by the CEO and Board. For that to happen, cybersecurity leaders and advisers should explain the issues in a way that makes sense to senior management, focusing on commercial imperatives rather than technicalities.
Through holistic management of cyber risk, businesses can mitigate threats and reduce downtime. If an incident does occur, resilient organisations can respond effectively, safeguard their reputation, and restore trust in their digital ecosystems.