What risks are companies taking by not making cyber security jobs available?

We live in a networked world. Banking, online shopping, emails and streaming services are just a few of the everyday activities that involve networks. What’s more, all these networks require cyber security experts to protect them.

Potentially all networks are vulnerable to cyber-attacks, which makes it vital that any company that manages a network needs to protect it by employing expert cyber security personnel.

Not employing enough cyber security staff means that a company risks becoming a victim of a cyber-attack, which can result in the loss of large amounts of money and damage to a company’s reputation.

Two types of attack

There are two main types of cyber-attack – stealing data and sabotage. Data that criminals target are personal data that can be used in identity theft crimes and financial data, typically credit card details, which can be used for fraudulent purchases. Trade secrets and inside information about mergers, bids and intellectual property can be useful information to sell to rival companies.

The typical sabotage attack is denial of service where a website is bombarded with bogus log on attempts, or messages that disable the system.

Sabotage to a system that controls a country’s infrastructure, such as energy systems, airports and hospitals, can have devastating effects on a country.

The price companies pay

The monetary fallout of failing to protect networks is high; it is estimated that cybercrime costs over £275bn a year to the global economy.

In the United States, many high-profile companies, including Target and Home Depot, have had their system breached and customer credit card information stolen. While the criminals did not take money directly from the companies, the reporting of these breaches made customers distrust the firms and stopped many from buying their products. Many security breaches have resulted in a fall in a company’s share price.

Other companies have directly lost money through cyber criminals stealing from their accounts. Another common form of financial crime is where a system is taken over and locked by a hacker who will only unlock the system in return for ransom money. These attacks, like other types of cybercrime, are often kept secret by companies who fear the bad publicity if they become public.

Although it is difficult to accurately estimate losses through ransom payments, it’s likely that tens of millions of pounds have been paid out to cyber criminals.

As well as the loss of customers, a cyber attack can result in punitive actions by industry regulators. It can also open a company to negligence claims from aggrieved customers. Company board members can be held responsible for the security of their networks. If systems suffer from cyber attacks, then the directors can be held liable for the failures. It is vital that all board members are aware of the company’s cyber security strategies and that they ensure that highly expert cyber security personnel are hired to protect the computer systems.

Cyber attacks that are reported in the media can be a public relations disaster. For example, the broadband provider TalkTalk angered customers after its system was attacked last year. Worried customers wanted to terminate their contracts with TalkTalk, but the company initially would not let them. This policy led to much criticism. It is estimated that 100,000 TalkTalk customers did leave the business and, for a time, TalkTalk stopped actively recruiting new customers.

Cyber attacks forecast to grow

Although governments and security experts are increasing efforts to combat cybercrime, it is forecast that it will grow. This growth is fuelled by the increase in the number of online services.

The largest area of technological growth is predicted to be the Internet of Things – a system for objects and devices to communicate with each other using machine-to-machine communication technology. Alongside this growth will be the need to increase cyber security jobs.

After a company understands the risks they face from cybercrime, then creating cyber security jobs makes financial sense. Money lost in a cyber attack is potentially far more than the salary of cyber security personnel. It is therefore false economy to cut down on cyber security jobs in order to make short-term financial savings.

Assess then plan

The Global Risks Report in 2015 warned that:

“90 percent of companies worldwide recognize they are insufficiently prepared to protect themselves against cyber attacks.”

Governments are concerned at the lack of protection and are providing help and advice. For example, the Government Communications Headquarters (GCHQ) has published detailed guidance with its ‘10 Steps to Cyber Security’ information.

A company needs to employ sufficient cyber security personnel to formulate a two-step strategy. The first step is to create a risk assessment. This is followed by a detailed plan for protocols and procedures that will minimise risks.

The risk assessment needs to identify all areas in which a company is vulnerable. A set of detailed policies should cover all the security needs of the network. The best antivirus and malware software should be installed alongside advanced network security systems.

Policies ought to be created that cover individual workers use of the system including email, web browsing and the operation of their personal devices such as smartphones and tablets.

Users of a company’s network will need privileges based on their job role. Access to database administration systems should be provided for very few employees.

Cyber security personnel also need to make sure that the company’s systems comply with legal requirements. Most companies will already have policies to make sure that they conform to the Data Protection regulations. The European Union has also formalised its General Data Protection Regulation, part of which makes it compulsory to report any data breaches.

In a connected world, cyber security is an urgent issue. As cyber attacks are forecast to increase, every company needs to take precautions so that risks of attacks are minimised. This requires hiring the optimal number of cyber security personnel. If cyber security jobs are not made available, then companies are opening themselves to risks that could damage both their reputation and their profits.

Our accreditations & Partners

  • REC Member
  • VTC - Virtual Technology Cluster
  • Bloom Nepro
  • YPO
  • Crown Commerical Service
  • Disability Confident
  • ISO 9001
  • Armed Force Covenant
  • Cyber Essentials Plus
  • ISO 27001

Thanks

Success

Thanks

Success

Thank you for signing up to the acumin alerts.

Send CV

Send us your CV and have our recruiters match you to the ideal opportunities

Do you already have an account with us?

Log in

Want to have an account with us?

Register

Want to just send us your CV?

Upload only doc, docx, odt, pdf format file.

By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.

Password reset

If you need a reminder for your password, fill out the field below

Log in

Access your account to edit your contact details, job alerts or to upload a new CV

Thank you

Success

Thank you for successfully uploading your CV.

Acumin Alerts

Success

Thanks for registering for Acumin alerts.

Acumin Alerts

Unfortunately your CV could not be uploaded

Please make sure your CV is one of the following file types: doc, docx, odt, pdf, rtf

Acumin Spam

Unfortunately your submission has been declared spam. Please try again.

Vacancy

Success

Thank you for submitting your vacancy.

Register

Create an account to register your contact details, sign up for job alerts and upload your CV

Success

Thanks for registering for Acumin alerts. To get the most out of Acumin's service why not register with us?

Upload only doc, docx, odt, pdf format file.
- Practitioner
- Commercial

I agree to the terms and conditions and to be contacted by recruiters:

I agree to receive marketing communications relevant to my job search:

I agree to receive Jobs By Email for the following professions:
- Business Continuity Management
- Counter Fraud
- Cyber Security
- Executive Management
- Governance & Compliance
- Information Security & Risk Management
- Penetration Testing & Digital Forensics
- Sales and Marketing
- Sales Engineering
- Security Management
- Technical Security
- Information/Risk Assurance
- Identity Management
- Application Security
- Security Architecture
- Dev/Sec Ops
- DV & SC Cleared Jobs
- Programme & Project Management
- CISO/CSO

Submit a Vacancy

Use the form below to submit a vacancy