Cyber threats continue to rise, top risks for seven industries

23 August 2016 Consultancy.uk

Cyber criminals are becoming more sophisticated even while more and more of the world’s transactions and intellectual property are being created and stored in the digital space. The result is an increase in threats to companies as well as the tangible and non-tangible consequences that follow. A new report considers the top threats to various sectors, as well as the most common consequences, and concludes that cyber-threats are a manageable problem after considering three key attributes.

The increasing expansion of technology into everyday life may come with a price. Cyber criminals are becoming more sophisticated in, among others, penetrating hosts that store vast amounts of information collected from those who use their services, from e-commerce website to apps. The companies targeted by cyber criminals are varied, with criminals themselves often randomly testing the defences of organisations of any size, to identify weaknesses, and strike once having identified (through automated scripts) a weak fence.

The effects of a penetration into a company can produce a range of negative consequences for the company, as well as for its customers. Consequences range from tangible losses, including access to back accounts, damage to systems, legal proceedings and compensating third parties, to intangible losses, such as intellectual property, customer trust, business partners, and reputational as well as brand damage. For a company, a major incident may see its share price fall, or in some instance, be the downfall of the whole company.

According to the research, different company types are open to different attack vectors, although, across types, a broad range of vectors are being used. In 2013, Web App Attacks were the most common form of attack, making up 35% of the sample of 1367 breaches, this was followed by Cyber-espionage, which accounted for 22% of incidents. Point of Sale System Intrusions accounted for 14% of incidents, while Insider Misuse accounted for 8%. The total number of attacks are on the rise, with a recent report citing 500,000 attacks per day, while the total costs are estimated to be around $400 billion per year.

Cyberthreats

A new report from Deloitte, titled ‘Global Cyber Executive Briefing: Lessons from the front lines’, considers the specific battle lines for seven different industries, as well as a range of case studies of incidents within the industry. The aim of the report is to highlight the threats as well as spark collaboration as a mean of closing potential vectors through which companies may become compromised – even if, in many instance, compromise is inevitable.

High-technology: According to the report, this sector is particularly open to attacks from hacktivists, state actors, insiders and competitors. Attackers are predominantly after personal data, intellectual property as well as leverage on critical systems. The impact on this sector includes loss of reputation, competitive advantage and financial losses. Cases include the hacking, and eventual bankruptcy, of a certificate authority, loss of source code and customer data for a software company, and the virtual shutdown of an online platform.

Online media: These organisations, according to the report, are most vulnerable to hacktivists, cybercriminals and script kiddies. The targets include manipulating information, such as new reports, leveraging high-volume websites for malware injections, as well as theft of personal information. The consequences include reputational damage, the spread of propaganda and the manipulation of public opinion.

Telecommunications: Threats are predominantly from script kiddies, state actors and criminal groups. Targets include customer data, communications data and network access and intellectual property. Top threats to companies include damage to reputation, undermined customer trust and loss of confidential network traffic.

Top risks for seven industries

E-commerce and online payments: This sector is most predominantly targeted by cybercriminals, hacktivists and script kiddies. Targets include customer data, money and credit card information. As a consequence, considerable reputation damage may ensue, as well as costs related to the identity theft of customers – and problems for the customers themselves. Regulatory bodies may also level fines for non-compliance.

Insurance: This sector is opening itself increasingly to attack, largely due to the sectors efforts to digitalise much of its operation, from payments through to risk assessments. Attackers are predominantly cybercriminals seeking financial information to commit fraudulent transactions. The costs to compromised companies ranges from loss of reputation and customer trust, to financial losses from non-compliance suits, legal fees, monitoring costs and customer compensation.

Manufacturing: The sector is predominantly targeted by state actors, hacktivists and competitors. The target of the hacks includes market advantage, intellectual property as well as access to critical utility networks. Consequences include loss of competitive advantage, reputational damage, and, in the case of cyber warfare, the loss of key strategic assets.

Retail: This sector is open to exploitation from cybercriminals, insiders and contractors. The sector holds a lot of credit card details, making it a juicy target. Threats include loss of cardholder data, personal data and intellectual property. Brand damage, loss of revenues and fines are all potential consequences of hacks. Cases are relatively well reported on by news agencies, which compounds brand damage.

According to the report, there are three key attributes to protecting critical information and systems, security, vigilance, and resilience. “The good news is that cyber-threats are a manageable problem. As noted earlier, a well-balanced cyber-defence needs to be secure, vigilant, and resilient. Although it isn’t possible for any organisation to be 100 percent secure, by focusing on these three key attributes, it is entirely possible to manage and mitigate cyber-threats in a way that reduces their impact and minimises the potential for business disruption.”

More on: Deloitte
United Kingdom
Company profile
Deloitte
Deloitte is not a United Kingdom partner of Consultancy.org
Partnership information »
Partnership information

Consultancy.org works with three partnership levels: Local, Regional and Global.

Deloitte is a Local partner of Consultancy.org in Middle East, Netherlands.

Upgrade or more information? Get in touch with our team for details.

Send
Deloitte launches AI Advantage for CFOs solution
United States
Deloitte launches AI Advantage for CFOs solution Big Four accountancy Deloitte has launched AI Advantage for CFOs, an analytics and insights platform built in collaboration with AWS and Anthropic.
25 March 2025
Deloitte Canada acquires Vancouver-based Pocketed
Canada
Deloitte Canada acquires Vancouver-based Pocketed Deloitte Canada has acquired Pocketed, a Vancouver-based technology platform that helps businesses secure government funding.
14 March 2025
Deloitte appoints Suresh Kanwar to lead UK financial services business
United Kingdom
Deloitte appoints Suresh Kanwar to lead UK financial services business Suresh Kanwar has been promoted to head up Deloitte’s UK financial services wing. He also joins the executive committee, having first joined the firm nine years ago.
12 March 2025
Deloitte’s Belinda Willis named talent acquisition leader of the year
Australia
Deloitte’s Belinda Willis named talent acquisition leader of the year Employment platform SEEK has issued its latest annual HR awards, with Deloitte’s Belinda Willis named overall talent acquisition leader of the year.
11 March 2025
Deloitte launches Amplify internship program for graduates in Southeast Asia
Asia
Deloitte launches Amplify internship program for graduates in Southeast Asia Global audit and advisory firm Deloitte has launched a new internship program for graduates in Southeast Asia.
05 March 2025
Deloitte executive rejig complete as Joanne Gorton takes CEO reins
Australia
Deloitte executive rejig complete as Joanne Gorton takes CEO reins The Australian wing of professional services firm Deloitte has now completed its CEO handover to Joanne Gorton, with a number of its senior executives moving into new roles in the process.
04 March 2025
Currys and Deloitte partner for tech recycling push
United Kingdom
Currys and Deloitte partner for tech recycling push Currys is supporting Deloitte’s new ‘Recycle for Good’ launch. The partnership will empower Deloitte’s 25,000 UK staff to recycle their old tech and electricals at Currys stores.
27 February 2025
Thailand-based product innovation consultancy Appsynth acquired by Deloitte
Asia
Thailand-based product innovation consultancy Appsynth acquired by Deloitte Appsynth, a digital consultancy in Thailand, has been purchased by Deloitte, which has integrated the acquisition within its Deloitte Digital outfit.
27 February 2025

Cyber Security news

Cyber Security consulting firms Cyber Security consulting services