No matter how much preparation goes into preventing and acting upon existing threats, it is likely that some kind of damage will still be caused.
We judge the impact level of the damage caused by these threats by the value of the loss caused. However, the loss isn’t always financial. Losses may be operational, financial, reputational or related to intellectual property.
In this lesson, we’ll learn about:
As we discussed in the introduction, we judge the impact level of the damage caused by these threats by the value of the loss caused, but this loss isn’t always financial. We’ll look at the different types of impact now.
Operational losses refer to damage to the operating capability of an organisation. This includes a loss of manufacturing output, service availability and service data.
For example, a business whose operations rely on IT systems can be prevented from performing any work due to cybersecurity threats. Even on the manufacturing line, the machinery that builds the products will receive its instructions from computers that could be taken offline due to some threat.
Businesses that rely not on manufacturing but on providing services and data are even more easily affected. An online store could be taken down by a denial-of-service attack that will prevent the business from taking and processing sales.
It’s clear that, due to how reliant all businesses now are on IT systems, cybersecurity threats can massively hinder the operation of the business.
Financial losses refer to damage to the wealth of an organisation. This includes organisational losses, compensation and legal fees.
By financial loss, we mean actual increased costs, or reduced income, caused by the threat. This could be the cost of replacing equipment damaged by sabotage, or the loss of sales due to your website being down from a malicious hack.
Compensation and legal fees come as a result of suffering a threat, as a business may be culpable. It might need both to compensate customers who are affected by the threat and to pay data protection fines placed on the business by the ICO due to the improper security of the data. There may also be legal fees to defend oneself in court, should there be a case for legal culpability.
After being hacked, Tesco Bank had to pay £2.5m in compensation to customers and faced a massive fine by the ICO.
Reputation losses refer to the loss of trust in, and lowered opinion of, a business as a result of it being affected by a threat. This could relate to a lack of service and to employee or customer information.
A lack of service damages reputation because customers no longer want to do business with an organisation when they have concerns over whether the service will be available. If you subscribed to a website and its services regularly went down due to cybersecurity threats, this would naturally lead to questions about continuing to use it.
Similarly, if a business has been hacked and had the personal data of employees or customers stolen, you may not want it to store your data in future, as you would be concerned about it failing to protect that data again, which could impact on you. You may therefore not provide it with the data it requires and may instead take your business elsewhere.
Intellectual property losses refer to when product designs or trade secrets are stolen, thus adversely affecting the organisation.
This may be carried out by a competitor organisation as corporate espionage, or by an individual who wishes to blackmail the organisation or release the stolen material.
The theft of product designs, for example, could be used by a competitor to release a rival product. Stolen trade secrets will have almost the same effect, such as a competitor stealing the formula for a product so they can then produce it themselves.
This loss can have huge ongoing effects on the business, leading to additional financial losses and a loss in reputation.
These four impacts have affected many businesses over the years. See if you can research some examples of these that have appeared in the news.
Cybersecurity threats vary over time as developers create new and smarter threats to counter existing infrastructure built to prevent internal and external threats. As a result of this, it may be hard to keep track of changes being made to the landscape.
Therefore, some cybersecurity organisations provide regular updates on old, current and new data breaches and possible new malware that has been developed (if it is ever disclosed anywhere online).
For example, the National Cyber Security Centre produces weekly threat reports on the latest threats and vulnerabilities to computer users. Microsoft also completes its own reports, issued in different volumes for all kinds of security intelligence. SophosLabs runs a blog, newsletter and podcast on the latest threats.
There are also many blogs, news sites and technology sites that provide regular updates on the cybersecurity landscape. Some of these include:
A cybersecurity professional must therefore constantly keep themselves aware of these changing threats to be effective in their role. Being aware of the threats from last month does not mean you are well prepared for the threats of this month.
Try to find an example online of a piece of malware that has come back several times after being altered by its developer to counter the changes made by anti-malware software.