Business on the cyber war frontline

What should businesses do for peace of mind in the face of the current cyber threat?

A recent Cabinet Office report estimated that cyber crime costs the UK economy £27bn a year, with £21bn of that figure borne by British businesses, while a cyber attack by one state on another should be considered an "act of war", according to Tony Blair's former top national security adviser.

Historically, an enemy looking to destabilise the economy would target government, infrastructure and manufacturing sites with bombs. Now, the enemy might look to create similar chaos and operational paralysis by taking down a vital trading system, compromising personal records, or disrupting a high profile B2C organisation as a show of strength. In fact, Gartner predicts that by 2015 at least one G20 nation's critical infrastructure will be disrupted and damaged by online sabotage.

If significant targets such as banks and other financial institutions are attacked or dissuaded from operating within, for instance, the City of London, the impact on the UK will be significant - lost revenue for the banking industry, lost tax income for the Government, and lost confidence leading to lower future investment and the resulting impact on jobs and the population's general outlook.

With companies increasingly targeted for disruption rather than information theft, business is already on the frontline of today's cyber war. Companies need to change their security culture to deal with this new threat, because it's no longer just about safeguarding their own data assets - it's also about protecting the national and economic interest.

With the stakes raised, companies must address online security in three specific areas: physical - the measures to prevent attackers from accessing the facility where data is stored; digital - the software safeguards in place to protect applications and data; and human - the people with access to the systems and hardware. Only with all three bases covered can a company claim to be truly secure and to be ‘doing its bit' for the cyber war effort.

Of course, most companies can't be expected to build military-style security defences around their IT systems, which is why Gartner also predicts that, with 2011 set to be the year of the cloud, mass business migration to sophisticated and secure data centres will become inevitable. Businesses shouldn't have to go it alone in the face of the growing online threat - third party providers exist who can deliver the level of protection they need comprehensively and much more cost-effectively.

Technology has revolutionised the UK economy, opening up whole new industries that wouldn't otherwise exist, irrevocably altering existing business processes, and creating a whole new set of security risks. Yet our reliance on round-the-clock access to information makes cyber attacks the perfect weapon for those who wish to do us harm. Companies need to ask themselves: what price peace of mind during wartime?

Simon Neal is chief operating officer at The Bunker