Cyber Security: What to do if an attack does happen

Cyber Security: What to do if an attack does happen
Richard Horne, Cybersecurity Partner, PwC UK

Mr. Horne began by recounting a cyber attack on UK retail banks a few years ago in which the resulting financial loss was minor compared to the resulting loss in confidence. Cyberattacks affect not only financial institutions but their customers as well, and it comes from various sources including cyber terrorists and organized crime, he said.

One common trait of cyber attackers is that they all use insiders, Horne said. An attack may last as long as 10 months without the breach being noticed.

Horne emphasized that compared to technical resolution, legal, regulatory and business management is more important. Companies need to prioritise their security over various assets and manage their relationships with regulatory bodies, customers, vendors and other connected parties -- because not only money but confidence is at stake.

When asked how he would advise a company on cyber risk, Horne answered that since attackers usually target the business process before the technical infrastructure, it is important that companies put highest priority on the most valuable assets in their business models and conduct tests repeatedly.