Cybersecurity Needs to be a Higher Priority

‘A UK business is successfully hacked every 19 seconds’

This uncomfortable fact was shared with me by UK-based telecoms provider BT in a recent email advising me that they were updating an email account.??

In the retail sector, major household retailers have fallen victim of cyber attacks with British Airways, Boots and Aer Lingus among the growing list. The automotive retail market is no different with several major retail groups having been subject to hacks by organisations seeking to hold them to ransom.? OEMs have also been targeted, and have been subjected to ransomware attacks:?

• Tesla prevented a ransomware attempt ?
• Honda global operations halted by a ransomware attack?
• Nissan and Renault hit by a ransomware attack?
• Volkswagen - 3 million customers have had their information stolen?

None of us wants the inconvenience and operational impacts that can be created by a cyber-attack or the risk of data breach fines. However, a blog headline last August; ‘Auto Industry at Higher Risk of Cyberattacks in 2023’, made the threat clear. We are in a huge global industry, with masses of personal data, an increasing reliance on technology and a growing parc of connected cars.?

The importance of cybersecurity in the automotive sector first came into the spotlight in 2015, when 1.4 million vehicles were recalled in the first and so far only security-related car recall. This came after researchers demonstrated how an attacker could remotely control a connected car. Since then, internet-connected vehicles and attacks targeting the industry have only become more common.?

As the rate of cybercrime increases, protecting financial services customers is more important than ever. The challenge is to protect both data and IT systems as new digital usage – contactless payments, online banking, etc all create new risks. Cybercrime is constantly innovating and developing, forcing organisations to find new ways to counter these attacks. It makes it critical that retailers create and sustain robust cybersecurity mechanisms, establish contingency plans and consider appropriate insurance to protect their businesses.??

Support for security needs to be at the highest levels to build a security culture. Whilst technology is a critical aspect of cybersecurity, nearly 90 per cent of cybersecurity breaches are still caused by human error. It is vital to train employees on best practices in cybersecurity, for example, the use of strong passwords or the use of password managers, or Multi-Factor authentication or how to spot malicious email with regular training to keep cybersecurity ‘front and centre’.?

A clear cybersecurity strategy, policy, staff training and continual vigilance must be woven into every business' fabric. Without it, a business and its reputation will be at risk.?