VIPs and top executives at this year’s World Economic Forum in Davos were warned of a perfect storm of malware and cyber threats set to make ground in Europe.
The Cyber Threats: A Perfect Storm About to Hit Europe? report, compiled by Marsh & McLennan Companies (MMC) and FireEye, revealed how Europe lays exposed to the threats posed by cyber- attacks. Highlighting how the cyber threat environment has ‘intensified dramatically’, the report points the finger of blame at unprepared business leaders who are unable to cope with the reality of today’s cyber risks.
Polling more than 750 businesses across Europe, only 31% said that they had a strong understanding of their cyber posture and only 32% regarded cybersecurity as a top-five risk. Of huge concern is the 9% of companies that did not even include cyber on their risk register.
This lack of preparedness is even more concerning considering the impending regulatory shake-up which will soon hit Europe. GDPR, set to come into force next year, will see a crackdown on data protection – with dire financial consequences for those companies who do not comply. In addition, the Network Information Security Directive will face further demands on governments and critical infrastructure.
In the report, the lack of preparedness and regulation are two of three cyber clouds forecast. The third cloud set to cast a shadow across Europe relates to critical infrastructure.
“Cyber attacks on critical infrastructure — manufacturing plants, power stations, aviation systems, transportation networks, water systems and even nuclear facilities — are the new reality in Europe. And new vectors of attack are being launched against political parties and electoral systems as national elections loom in France, Germany and the Netherlands in 2017,” said FireEye CEO Kevin Mandia and Peter J. Beshar, MMC Executive Vice President.
Organisations in the UK were found to be one of the top countries needing to navigate the impending storm, with Great Britain receiving 12% of all targeted malware attacks in Europe in 2016. The report also states that in Europe it will take 469 days to detect a compromise, compared to a global average of 146 – not nearly good enough as malicious actors mount more and more attacks.
The report encourages a change in perspective when it comes to cybersecurity, requiring appreciation of the level of risk posed by cyber threats on infrastructure, and the subsequent real world danger that could be caused.
Signing off in the report’s execuritve summary, Mr Mandia and Mr Bashar said:
“While progress has been made, a significant journey remains. If, as we anticipate, cyber breaches begin to fill the headlines of the major European newspapers in 2017, management teams will be pressed, as never before, to address concerns from data protection authorities, supervisory boards and journalists about their state of preparedness. Rather than waiting until 2018, companies must work to confront this looming challenge now.”