DALLAS, July 10, 2017 /PRNewswire/ -- In the wake of
high-profile global ransomware attacks such as WannaCry and Petya,
BT and KPMG have today published a new cyber security report
offering practical advice to businesses of all sizes on how best to
manage their security journey and turn it into a business
opportunity.
The new report, "The cyber security journey – from denial to
opportunity", warns businesses against falling into dangerous
traps as they deal with the complexity of securing a digital
enterprise. These include being stuck in 'Denial' and 'Worry'
phases at one end of the spectrum, and 'False Confidence' and 'Hard
Lessons' at the other end.
While the report stresses that investment in technology such as
firewalls and antivirus protection is essential 'good housekeeping'
practice at the start of the security journey, firms should avoid
throwing money away on IT security products as a knee-jerk
reaction. This is especially true for companies who have matured
from the stage of 'denial' into the stage of constant 'worry',
where investing in the latest technology can be viewed as the
silver bullet to the problem. This common mistake can make firms a
target, not just for cyber criminals, but also for over-zealous IT
salespeople.
Businesses must first assess their current controls against best
practice, such as the guidance issued by the UK's National Cyber
Security Centre (NCSC), to help identify any gaps and prioritise
essential areas in which to invest. Furthermore, everyone in the
organization, from the board down, must take responsibility for
maintaining high standards of cyber hygiene, while businesses must
invest in training and raise awareness amongst staff. This can help
turn employees from the weakest point in any security chain into
every company's greatest asset in the fight to protect data.
Mark Hughes, CEO, BT Security,
said: "The global scale of the recent ransomware attacks showed the
astonishing speed at which even the most unsophisticated of attacks
can spread around the world. Many organizations could have avoided
these attacks by maintaining better standards of cyber hygiene and
getting the basics right. These global incidents remind us that
every business today - from the smallest sole trader through to
SMEs and large multinational corporations - needs to get to grips
with managing the security of their IT estate, as well as their
people and processes. This report aims to help secure the digital
enterprise by navigating businesses through their cyber security
journey."
David Ferbrache, Technical
Director in KPMG's cyber security practice, said: "The recent spate
of cyber-attacks is keeping cyber risk at the top of the business
agenda, and as such investments are being made. The business
community needs to avoid knee-jerk reactions as cyber security is a
journey – not a one size fits all issue, and getting the basics
like patching and back-ups right matters. It's important to build a
security culture, raise awareness amongst staff, and remember that
security needs to enable business, not prevent it.
"Cyber threats are evolving and businesses face ruthless
criminal entrepreneurs. The solution isn't jargon ridden technology
silver bullets but one that involves a community effort in a world
where business boundaries are vanishing. With criminals getting
increasingly creative about finding the weakest link, the CISOs of
the future need to care about digital risk, help the business seize
opportunities and build cyber resilience."
Although cyber security issues are increasingly discussed at
board level today, the report claims that those discussions are too
infrequent and are treated as a separate and disconnected issue
from broader operational risk. All too often, the issue of cyber
security is not incorporated into the overarching business
strategy.
The report also argues that overly complex IT architecture can
worsen security gaps. This is especially the case if the technology
deployed is too difficult to use or there's a lack of
integration.
In order to address these risks and gain true leadership in
cyber security, the report calls on firms to focus on good
governance processes, the proper integration of technologies and to
consider outsourcing some less critical aspects of their security
to a trusted partner. This, combined with the sharing of
intelligence, good practice and hard-won lessons among a network of
peers and beyond would put the company in a position to think about
cyber security differently. Namely, not as a risk which is
discussed by the board perhaps twice a year, but as a business
opportunity and enabler for digital transformation.
The report is available for download at
http://www.globalservices.bt.com/uk/en/point-of-view/cyberjourney
For further information:
For BT:
Enquiries about this news release should be made to the BT Group
Newsroom on its 24-hour number: 020 7356 5369. From outside the UK
dial + 44 20 7356 5369. All news releases can be accessed at our
web site: http://www.btplc.com/News
For KPMG:
Nahidur Rahman, Senior PR Manager
T: +44 (0) 20 7694 8812
M: +44 (0)73 9376 0775
E: nahidur.rahman@kpmg.co.uk
Follow us on twitter: @kpmguk
KPMG Press Office: +44 (0)207 694 8773
About BT
BT's purpose is to use the power of communications to make a
better world. It is one of the world's leading providers of
communications services and solutions, serving customers in 180
countries. Its principal activities include the provision of
networked IT services globally; local, national and international
telecommunications services to its customers for use at home, at
work and on the move; broadband, TV and internet products and
services; and converged fixed-mobile products and services.
BT consists of six customer-facing lines of business: Consumer, EE,
Business and Public Sector, Global Services, Wholesale and
Ventures, and Openreach.
For the year ended 31 March 2017,
BT Group's reported revenue was £24,062m with reported profit
before taxation of £2,354m.
British Telecommunications plc (BT) is a wholly-owned subsidiary
of BT Group plc and encompasses virtually all businesses and assets
of the BT Group. BT Group plc is listed on stock exchanges in
London and New York.
For more information, visit www.btplc.com
About KPMG
KPMG LLP, a UK limited liability partnership, operates from 22
offices across the UK with approximately 13,500 partners and
staff. The UK firm recorded a revenue of £2.07 billion in the
year ended 30 September 2016. KPMG is
a global network of professional firms providing Audit, Tax, and
Advisory services. It operates in 152 countries and has 189,000
professionals working in member firms around the world. The
independent member firms of the KPMG network are affiliated with
KPMG International Cooperative ("KPMG International"), a Swiss
entity. Each KPMG firm is a legally distinct and separate
entity and describes itself as such.
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/bt-and-kpmg-warn-businesses-against-cyber-security-traps-300484728.html
SOURCE BT