At a William Fry Breakfast Briefing, a full house of over 170 representatives from Ireland’s business and technology sectors heard from David Cullen, Head of Technology at William Fry; John Magee, Associate in Technology at William Fry; Paul Fisher, Associate in Insurance at William Fry; and Dave O’Reilly, Chief Technologist at FTR Solutions, on how Irish businesses face an increased risk of cyber-attack and the steps they can take to increase protection of their data.
Speaking about the real risk to Irish businesses of a cyber-attack, Dave O’Reilly commented, “Every day criminals are using more professional and sophisticated methods to carry out identity theft, payment card fraud, online banking attacks and many other predicate offences. Following a successful data breach, cyber criminals are using various money laundering tools and infrastructure to illegally extract funds. The collective impact is staggering. Globally, billions are lost every year due to cyber-attacks and repairing systems following data breaches”.
Commenting on how the majority of Irish companies are ill equipped for a cyber-attack, Dave O’Reilly stressed, “The first thing companies should do is review and update their Employee Education policy and Detection and Response capabilities to ensure they are adequately prepared. This would include reviewing the company’s current response infrastructure; investing in capability as required; and conducting periodic simulated incidents/exercises”.
- 70% of breaches are detected by a third party.
- In 46% of cases it took more than four months to detect an incident (and a further three months to mitigate the risk).
- 73% of respondents believed that their company’s data was vulnerable to being hacked.
Guests also heard from Paul Fisher who highlighted the value of effective insurance to counter the costs of a data breach. He spoke about a number of international companies including Adobe, Sony and JP Morgan Chase who had suffered from either financial data or non-financial data breaches. Paul Fisher outlined what key provisions should be included in insurance policies to ensure companies have the best possible insurance cover in place.
John Magee provided attendees with the following advice: “Prevention is better than cure. Prepare in advance how to deal with a data breach in order to minimise and manage reputational damage and regulatory risk. Short term measures include putting the issue of cyber-security on the board agenda; the creation of a cross departmental working group; and reviewing legal and regulatory obligations. However, in the longer-term, a co-ordinated, multi-disciplinary and strategic approach is essential to adequately prepare, manage and respond to cyber incidents.”
With considerable experience in dealing with complex data breaches, William Fry’s Cyber Security team provides breach management and incident response services to clients, in preparation for potential cyber-incidents and following data breaches. The team can be contacted at the dedicated email address: [email protected]