The BCI Launches Cyber Resilience Report 2023
The BCI is pleased to launch its latest Cyber Resilience Report, sponsored by Daisy. The report examines the disruption levels and cyber resilience arrangements across organizations, as well as the reporting and role of senior executives in the development of cyber resilience strategies.
Rise in proactive measures
While this year’s report saw 74% of respondents note an increase in the number of cyber attacks within the past twelve months, it also found that most organizations registered the impact of those attacks as small to medium. With more organizations taking proactive steps to mitigate the impact of cyber incidents, this serves as evidence that those steps are reducing the impact on organizations.
Demonstrating this, some organizations are using dedicated tools to increase the chance of an early warning and a faster and more effective response. Indeed, when considering their most recent cyber incident, 39.9% of respondents were notified by a security information and event management (SIEM) system, while 35.2% received an antivirus/endpoint detection and response (EDR) alert. Using these methods means that the attack is often discovered before business impacts are recorded. However, 14.5% of organizations discovered a cyber attack was taking place as a result of a system outage, which runs the risk of customer impacts and reputational damage while also forcing the organization into a slower, more reactive response.
Method of attack
The traditional methods of phishing and spear phishing remain the most frequent form of cyber attack, with the proportion of organizations reporting a successful phishing attack rising from 65.7% to 72.4% this year. It also ranked as the most disruptive method of attack, particularly as such attacks grow more sophisticated and cybercriminals work to eliminate the tell-tale signs of a phishing email, such as bad grammar and other inconsistencies. However, it is also important to note that phishing often works in tandem with another form of attack, with the phishing email acting as a vessel for malicious code, such as ransomware. On this note, while ransomware only just makes it into the top five most frequent methods of cyber attack, respondents ranked it as the second-most disruptive – showing this threat is not to be taken lightly.
Developing a response
Positively, 87% of respondents say their organization has business continuity arrangements in place to deal with cyber incidents. The BC function can be a vital aid in a cyber attack: respondents highlighted that, first and foremost, it ensures a faster recovery, and that it also helps to mitigate financial losses. However, the report also finds that cyber risks can still be siloed within organizations. For example, an IT team may not adequately communicate with the BC team about potential cyber risks. Therefore, there needs to be greater collaboration between teams in the face of this threat. This can be developed with support from top management, but also by continuing to train and exercise certain scenarios across teams to develop relationships and an understanding of roles and responsibilities that will be crucial in a live incident.
The requirement of a collaborative effort is shown in other areas of the report. For example, while cyber security teams are the main department responsible for the cyber resilience strategy of an organization, 43% of respondents find that BC plays a significant role in creating cyber resilience.
Furthermore, in order to build this resilience, the report finds that complex threats, such as cyber attacks, require a multifaceted response. As such, respondents have been shown to support technical measures (one of the pillars of cyber resilience) with policies and alignment to best practices, industry regulations, and standards. However, it is vital these measures are validated to test their effectiveness. For this critical part of the process, 64.6% of organizations conduct exercises and 59.0% initiate penetration testing.
- Looking ahead, 74.0% of respondents consider a ransomware attack to be within the top threats to their organization over the next five years.
- Most respondents (67.2%) feel that they could respond to a cyber incident within the hour, showing a confidence in the effectiveness of their response and detection times.
- 40.4% of organizations have suffered financial losses of more than 10,000 euros as a result of cyber incidents. While the financial impacts of cyber attacks may not seem like an existential threat, it is also important to consider indirect costs (potentially losing customers) as well as the cost of investments to keep the organization safe from an attack.
Rachael Elliott, Head of Thought Leadership, BCI:
“The results of the survey in this year’s report show an ever-evolving cyber security landscape, and one where the number of attacks and their ferocity has increased markedly. With the classic attack vectors, attackers are becoming increasingly more intelligent with their approaches; phishing emails no longer contain the spelling errors of yesterday and attacks have the potential to unleash damage to systems quicker than an organization has time to react. Even if an organization has the most advanced technology in place, attackers know that by approaching the weak link to cyber security within an organization – the people – their attack will have more chance of success. Thankfully, we see training and exercising of staff in cyber awareness on the increase and, with the continued management attention to cyber security, we believe that organizations are in a good place to stay one step ahead of the attackers.”
Steve Burden, Head of Cyber Security Solutions, Daisy:
“This year’s report has provided some fascinating insights into cyber resilience and I am delighted that Daisy has had the opportunity to be involved. The success of cyber resilience relies on the partnership between cyber security and resilience personnel as they work together with a common goal and a shared strategy. However, what is clear from the findings of the survey is that organizations are not always getting it right, resulting in more frequent breaches and rising costs. Attacks are getting more sophisticated and, sadly, the commonly repeated phrase of it ‘not being a matter of if, but when’ you’re breached has never been more true. It is therefore encouraging to see so many organizations taking an assumed breach mentality and proactively implementing cyber resilience measures to reduce the impact of a cyber incident; and we hope to see this trend continue throughout 2023.”
For more information, please contact The BCI: [email protected]
Follow the link below to download a copy of the report: