The world we live in is changing and Britain is facing its most severe ever terrorist threat and fresh attacks in the country are inevitable, according to Andrew Parker, the director general of MI5. He recently confirmed that nine attacks were thwarted in 2017 and states the UK has seen “a dramatic upshift in the threat” from Islamist terrorism this year, reflecting attacks that have taken place in Westminster, Manchester and London Bridge. He continued “That threat is multi-dimensional, evolving rapidly and operating at a scale and pace we’ve not seen before. It’s at the highest tempo I have seen in my 34-year career. Today there is more terrorist activity, coming at us more quickly, and it can be harder to detect.”
The United Kingdom Terror Threat Levels are the alert states that have been in use since 1 August 2006 by the British government to warn of forms of terrorist activity. The current threat level is severe meaning an attack is highly likely, but this is intermittently upgraded to critical which means an attack is expected imminently
The profile and demographic of UK organisations staff is varied, however most will be untrained and totally inexperienced in the event of a major incident. If the unthinkable were to happen, the human cost would be catastrophic and the reputational damage incalculable. Following the London Bridge attack on June 3rd 2017, Borough Market was closed for 10 days and total losses to businesses are estimated at £1.5 million. These businesses were bars, restaurants and market traders. The impact to a corporate would be significantly higher.
In addition to the terrorist threat, according to new government figures, around 46% of businesses have now suffered a digital attack. With 5.5 million companies in the UK, that suggests around 2.5 million may have been hit. It is a huge issue and one that is notoriously difficult to tackle. The risk of data theft is the one that boardrooms up and down the country are most concerned about, with 30% of firms discussing these in leadership meetings.
According to Ponemon Institute’s 2017 State of Cybersecurity in Small and Medium-Sized Businesses, 61 percent of SMBs have experienced a cyber-attack in the past 12 months. The Ponemon report found that the average cost due to damage or theft of IT assets was $1,027,053, and the average cost due to disruption of operations was $1,207,965.
A survey conducted by business ISP Beaming claimed that 52% of British businesses fell victim to a cyber-attack in 2016, amounting to 2.9 million; they also lost in the region of £29.1 billion in the process. Phishing and viruses were the most common threats, affecting nearly a quarter (23%) of those surveyed, while 18% suffered a hack or data breach.
Although ransomware claimed fewer scalps; 388,000 as opposed to 1.3m for phishing attacks, it cost firms significantly more - £7.3 billion versus £5.9 billion, with social engineering (£5.3bn), denial of service (£4.6bn), breaches (£916m), or viruses (£5bn). Now more than ever the requirement for an effective plan to protect assets, staff and customers while mitigating corporate risk is paramount.