Avoid the consequences of cyber attacks
We were very interested to read the report published by Birmingham Chamber of Commerce (BCC) – of which Trade & Export Finance is proud to be a member – on the subject of cyber attacks. You can click here to read more about it.
The BCC report is in line with the findings of our most recent International Trade Survey which covered the subject.
Cyber-attacks have recently hit the headlines and are jeopardising major corporations. The International Trade Survey (ITS) sponsored by AIG published in 2015 drew attention to this burgeoning threat when it demonstrated that only 24% of respondents considered that a cyber-attack would have a significant impact on their business.
Only one in three companies believed that their understanding of cyber-risk required improvement and nearly one in two multinationals declared that they never discussed cyber risk at board level.
There is obviously complacency around the potential for cyber-risk or a feeling of ‘it will never happen to us’. The risks are potentially enormous, however, not only reputationally – ask Talk Talk – but security breaches can incur heavy financial penalties for non-compliance from the Information Commissioners Office (ICO).
Mark Runiewicz, CEO of TAEFL and author of the survey, believes that all companies from SMEs to Multi-National Corporations (MNCs) should review their Cyber- Security procedures frequently and look to mitigate the risks where possible.
First hand experience at TAEFL prevented
TAEFL, like many companies, is under threat from cyber-attacks on a daily basis. This can range from the seemingly innocuous spam email to much more worrying examples. TAEFL avoided a cyber-enabled fraud due to the quick thinking of its staff. An email was sent to an account manager purporting to be from CEO Mark. It instructed her to transfer a significant amount of money to a third party account.
If the account manager hadn’t flagged the instruction as unusual, and asked Mark directly if he had sent the email, there would have been severe consequences for the company.
What prompted this highly specific attack? After the incident, TAEFL realised that in the account manager’s job description on the company website, it stated that she made payments. Clearly, the cyber attacker had searched for such phrases and identified this person within the TAEFL organisation.
This case serves to emphasise the importance of vigilance in all aspects of internet security – not just protecting your PC network from malware. This includes avoiding publishing any information which creates potential vulnerabilities – as in the case of TAEFL.
The International Trade Survey highlighted security as part of its report on ways in which companies trading internationally can improve their business and financing solutions. Click here to download a copy of the Executive Summary of the Survey report.