Visa Europe revealed important stats about the usage of Contactless Cards. Poland, Spain and the UK use this payment methd the most, with UK usage growing by 300% year over year.
As the home of over 700 million people, Europe is one huge continent that has rapidly embraced technology and the digital age. With Europeans making use of technology such as Chip and PIN, contactless payment cards and online shopping, there's seemingly no escape from this digital revolution.Absolutely paramount to the success of companies that conduct their business digitally and something that's vital for the protection of those that interact with those companies, is Cyber Security.
How many European businesses are considering this? And what are they actually doing when it comes to IT security policies, methods and integration? Helping to answer those is Marsh, a global leader in insurance brokering and risk management, that has now conducted a survey in order to find out.
Marsh's European 2015 Cyber Risk Survey Report not only hopes to look at how European businesses are tackling the subject of cyber security, but on a much more specific level, it's an in-depth study on their attitudes towards it as well as "the processes they have in place, and their understanding and use of cyber insurance", the firm explains. But, rather than being a way to scare consumers or keeping shareholders awake at night, the report also paints a better picture where the problem areas are and security experts can do to address them.
To gather its benchmarking data, Marsh surveyed risk professionals from large and medium-sized corporations across the continent.
Many of the points raised by the risk professionals were negative ones, as they have deep concerns about what their organisations aren't doing or thinking about.
The two main ones being the lack of control over the cyber risks of suppliers and affiliate companies, and the lack of "proper oversight" regarding companies' failure in assessing cyber risk.
Just 57% of respondents said that they had identified "one or more cyber scenarios that could most affect [their] organisation", meanwhile, of those whose organisations had identified cyber risk scenarios, just 33% of respondents said that they had "a plan in place to access sources of appropriate funding to deliver both the required amount of funds and to be accessible at the point when it is needed". Though, 61% of respondents said that their organisations either definitely or partially had incident response plans in place.
This includes everyone all levels of the business, from the financial wing, to the IT security department and those who make key business decisions all being involved in how they tackle these threats, how they fix potential attack vectors and how they handle or restore shareholder confidence after a breach.
In terms of external and affiliate organisations that a company may work with, Marsh describes these as "one of the key vulnerabilities to companies’ network" largely due to the fact that "while organisations can control their own networks, they have much less control over those of the suppliers and affiliates that they might be linked to". Additionally, 77% of respondents say that their organisations do not assess these external organisations' cyber policies.
Now that you have a rough idea of what aspects need work, it's time to consider the tangible actions that you can do to address them.
First and foremost, security testing is something to consider. With penetration testing and vulnerability testing, cyber security experts can figure out how an attacker may be able to breach your company, penetrate its network, access its data and other assets of its digital ecosystem, figuring out the attack vectors and methods that they may use. With this information you can potentially stop attackers in their tracks, preventing a loss of data, something which could lead to financial and reputational losses for your company.
The other action that you can take is making use of a secure software development life cycle (secure SDLC). With a secure software development life cycle, any piece of software that your company releases, such as a mobile app, will have security baked in from the very first step. Not only is this useful when it comes to closing off an attack vector (because attackers can and will try to use your software as a way of gaining access to you and your customers' private data) but it also helps to improve your company's attitude about security and just how important it is – which, as we know from Marsh's survey, is one of the key things that needs to be improved within European businesses.
Marketing Director at Advantio. The articles published in the Advantio Blog have the goal of supporting our mission: making IT Security simple for everyone.
My intention is to discuss IT Security related topics with the eyes of a non technical person, speaking a simple language and trying to show to the readers the benefit of IT Security best practices.