back to article World's cyber attacks hit us much harder in past year – major infosec chief survey

Cybersecurity breaches were twice as severe in the past year, with total financial losses reaching $500,000 (£356,00) per business, according to an extensive survey of CISOs across the globe. Some 32 per cent of breaches affected more than half of an organisation's systems in 2017, up from 15 per cent the previous year, …

  1. Anonymous Coward
    Anonymous Coward

    Have you ever noticed how lots of these surveys / research things are carried out by companies interested in selling 'solutions' to the problems identified?

    1. amanfromMars 1 Silver badge

      Seconded

      Quite so, AC. Although providing problematic solutions is much more rewarding and engaging than just selling them. That's a whole other ball game there .... although also in dire straits need of problematic solutions provision.

      the UK government warned that critical infrastructure firms could face fines of up to £17m if they do not have adequate cybersecurity measures in place.

      What specific measures would the UK government advise critical infrastructure firms to make/take?

      Perhaps they might like to provide them from/with UK Stocks well versed in the Generation and Protection of Crown Jewels. Do they have a list of Immaculate Providers?

      Who they gonna call ..... if Sterling Stirling Services are Absent In House/AWOL.?

    2. GnuTzu Silver badge

      Naturally...

      Isn't NIST taking a budget cut, just as their preparing standards? How many other unbiased non-profits are going to take these things on. There will always be more research by those seeking a profit. And, could we expect to see a standards board from the private sector--one that lacks the conflict-of-interest problem that the PCI Security Standards Council created?

      1. Sir Runcible Spoon Silver badge

        Re: Naturally...

        It might be interesting to note that whilst the US power generation overseer, NERC, has many standards (and the teeth to enforce them) in the UK we have OFGEM, which does diddly squat in terms of enforcing standards for our CNI.

        This is old (2011) but I doubt it's been updated..

        https://www.parliament.uk/documents/post/postpn389_cyber-security-in-the-UK.pdf

        "There is no overarching regulation of cyber

        security in the UK, although a growing

        number of organisations are complying with

        voluntary standards"

        1. Sir Runcible Spoon Silver badge

          Re: Naturally...

          I found a newer one..

          http://researchbriefings.files.parliament.uk/documents/POST-PN-0554/POST-PN-0554.pdf

  2. amanfromMars 1 Silver badge

    ExtraTerrestrial when Heavenly ‽ .

    And, could we expect to see a standards board from the private sector-- .... GnuTzu

    Presentation of an AIMaster Piloting Program would Show and Instruct both Private and Public and Pirate and Renegade Rogue Sectors the Benefits and Rewards for Providing Excellent Standard Projects Above and Beyond the ExtraOrdinary.

    Lead with Anything demonstrably ExtraOrdinary and Virtually Everyone who is Anyone will Follow to Learn and Experience what is Practically Secret and Held Sacred.

  3. Anonymous Coward
    Anonymous Coward

    Not even a drop-in-a-bucket

    The legally disclosed hacks aren't even a drop-in-the-bucket of actual criminal hacking that is ongoing 24/7. The recent crypto currency hack disclosures for millions in bank losses should be a red flag that all should note. Stock market hacks should be another. Loss of system controls in utility company power systems should be another. U.S. election campaign hacking by Russian hackers is legend. If the general public knew how bad the security situation really is there would be mass panic world wide. That is why authorities don't disclose most of the major hacks happening daily. The black hats outnumber the white hats 10,000 to 1.

    1. amanfromMars 1 Silver badge

      Re: Not even a drop-in-a-bucket

      The black hats outnumber the white hats 10,000 to 1. .... Anonymous Coward

      And the grey hats, able and/or enabled to flit between good and bad actions, are another source of energy to be harnessed .... or crashed and crushed if one thinks it necessary.

      1. Sir Runcible Spoon Silver badge

        Re: Not even a drop-in-a-bucket

        Obviously there are shades of grey, but imho I would describe a grey hat as a white-hat with black-hat skills/awareness.

        YMMV

        1. amanfromMars 1 Silver badge

          Re: Not even a drop-in-a-bucket

          Beware those battleship grey-hats, Sir Runcible Spoon. :-) They be AIgents on Missions with Bots at their Disposal. ....... AI Navigating.

          YMMV.

          1. Sir Runcible Spoon Silver badge

            Re: Not even a drop-in-a-bucket

            Yes, well, trust no-one (as they say) and you will never be disappointed.

            We are a shameful species en-masse, and mostly en-passant.

  4. Nick Kew

    Back of a fag packet

    A quick google finds a not-too-outdated estimate that there are 5.2 million businesses in the UK. If we take the article at face value, that would suggest losses of 5.2m * 500k, or 2.6 billion. That being, good British billions, not those US imposters: in US numbers it's 2600 billion. Which is something round about our entire GDP.

    Hmmm. Something pretty fundamental is missing - like telling us what they're actually talking about.

    1. Sir Runcible Spoon Silver badge

      Re: Back of a fag packet

      If you were to take two similar breaches, but one on a company with 50 employees and turnover of £20m - the other on a company with 5000 employees and a turnover £20bn - I'm sure you can see why it's hard to provide an average.

      1. Nick Kew

        Re: Back of a fag packet

        Of course. My point is, they should have given us a better idea of what that actual sample was. Without that[1], the figure is meaningless.

        [1] You might argue it's meaningless either way, but that's a different argument.

        1. Sir Runcible Spoon Silver badge

          Re: Back of a fag packet

          I suspect the sample was based on a couple of real-world scenario's along with a wetted finger held in the air whilst sensing the prevailing direction of the wind :)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019