A new study has found that 39% of British organisations’ CEOs believe that a successful cyber attack on their company is inevitable.
This figure reflects the upsurge in cyber attacks over the past few years and the increased media attention on data breaches. Cyber security professionals have been repeatedly told that the threat of cyber attacks is becoming unmanageable, so the only surprise in KPMG’s report is that concern among CEOs in the UK is so low. Across the rest of the globe, 49% of CEOs said that cyber attacks were unavoidable.
Defending against attacks
Despite the comparative optimism (or, perhaps, naivety) in the UK, cyber awareness continues to grow. KPMG found that four in ten CEOs of British organisations said their business was either well prepared or very well prepared for an attack. This is in part due to the appointment of cyber security specialists and data scientists.
Although expert help is highly beneficial, it’s just as important to adopt a cyber security framework to support your organisation and employees. ISO 27001 can help organisations prevent attacks, but given the unavoidability of breaches, ISO 22301 should be a top priority.
ISO 22301 and business continuity
ISO 22301 is the international standard that describes best practices for business continuity management. It focuses on the way organisations should respond to successful attacks, helping them mitigate the damage of an incident and recover as quickly as possible.
Much of the damage caused by cyber attacks is a result of extensive delays as the affected organisation attempts to rectify the situation. The longer it takes to respond to an attack, the harder it is to get back to normal. Problems mount and the backlog of work grows.
How prepared are you?
Our ISO 22301 gap analysis service gives you a detailed breakdown of how prepared your organisation is for a cyber attack, and how you measure up against the Standard’s requirements.
You’ll receive expert advice on how to adopt a BCMS (business continuity management system), and be given an informed assessment of the:
- Proposed scope of your BCMS;
- Internal resource requirements for successfully deploying a BCMS project; and
- Potential timeframe to achieve certification readiness.