Operating securely in the cyber environment is among the most urgent issues facing business and government leaders today. William Beer looks at what needs to be considered when taking activities online.
Far from being a barrier to participating in the cyber world, effective security is a critical enabler for any organisation seeking to realise the benefits of taking activities online. Achieving this requires two assets: an understanding of online operating and business models; and an ability to protect and support those business models.
Today, more and more organisations in all sectors are seizing the opportunities created by the Internet. In PwC’s view, the only way to do this securely and sustainably is by ensuring that cyber awareness and responsiveness are infused into every employee, every decision and every interaction. It’s time for CEOs to make this happen.
In June 2011, Nintendo joined fellow online games company Sony and US-based defence contractor Lockheed Martin in confirming that it was among the latest targets of cyber attacks. The announcement came just days after the UK’s chancellor, George Osborne, told an international conference that British government computers are now on the receiving end of over 20,000 malicious email attacks every month. The message is clear: No organisation in any sector is safe - and the threat is growing.
Nobody can say the world had not been warned. In January 2011 the World Economic Forum (WEF) named cyber attacks as one of the top five threats facing the world - alongside planetary risks posed by demographics, scarcity of resources, concerns over globalisation, and weapons of mass destruction. Far from suggesting that fears over cyber threats may be over-hyped, the WEF highlighted the danger that they were actually being underestimated.
The growing threat reflects the explosion of online services in all sectors. Across the world, more and more private and public sector organisations are capitalising on web, mobile and social media platforms to improve their performance and serve customers more effectively. Online interactions bring a blend of four key benefits: lower costs to serve, higher speed to market, greater customer loyalty, and - in the case of the private sector - the potential for higher revenue growth.
These benefits are causing the cyber revolution to gain momentum at breathtaking speed. For example, we estimate 115 million Europeans will be using mobile banking services by 2015.
As the use of online services increases, so do the scale and sophistication of cyber attacks. Targets range from countries’ critical national infrastructure and the global financial system, to less obvious targets such as mining companies.
One of the most alarming attacks was the Stuxnet computer virus that emerged in mid-2010. This malicious software (malware) program was created with the aim of sabotaging Iran’s nuclear programme, by increasing the speed of uranium centrifuges to breaking-point and simultaneously shutting off safety monitoring systems. Commercial cybercriminals are mounting equally sophisticated attacks. Such examples underline how opportunities and risks in the cyber world have risen to a new level.
Organisations need to overcome a number of entrenched barriers if they are to defend themselves effectively against increasingly sophisticated attacks. Four are especially prevalent: