Dr. Guy Bunker, CTO at Clearswift, discusses the impact Brexit has had on attitudes towards cyber security spending.
In the Brexit era, political uncertainty offers an exceptional opportunity for cybercriminals to exploit the chaos permeating the UK.
For many employees, an element of confusion leads to a lack of confidence. And a combination of confusion and non-confidence is the ideal scenario for cybercriminals looking to gain access to critical data.
Hackers have been known to exploit uncertainty to breach private networks and steal customer data or even trade secrets. Once a malicious party has gained access to the system, they can then upload malicious code capable of performing any one of a plethora of criminal operations such as data theft or installing ransomware.
Our recent data, collected in collaboration with Vanson Bourne, reveals that 53% of UK enterprise organisations have increased their cyber security spending specifically to respond to these threats posed by Brexit.
However, it seems that in the event of a rise in cyber-attacks as a result of the UK leaving the EU, organisations will be prepared.
According to Clearswift’s data, the main cyber threats that organisations are preparing for are: Malware (49%), Phishing (40%) and Ransomware (40%). Still, all forms of cybercrime are expected to rise in the run-up to Brexit.
Although none of these threats are new in the cyber landscape, the current political turmoil has made them more widespread. So, how do hackers practically exploit Brexit uncertainty?
Also of interest: How will Brexit affect Cyber Security?
Hackers taking advantage of the Brexit disorder
The disorganised response to Brexit and its complicated developments will make cyber-attacks easier in a number of ways. Once new data protection regulations come into play, companies will wish to keep abreast of any compliance changes.
Hackers may take advantage of this situation by acting as a consultant or regulatory agent, pretending to offer informative documents to companies (ostensibly to assist in compliance). This way, they may infect the network by hiding malware or ransomware in the material offered, which when opened, will go on to steal data from an organisation.
Another method may be a hacker acting as a wing of a governmental body facilitating Brexit, in an attempt to engage employees in a phishing or Business Email Compromise (BEC) attack. This way, people may be coerced into voluntarily releasing critical data, such as payment information or intellectual property.
Among the most-profoundly affected sectors, these are likely to be manufacturing and professional services, as both industries rely on overseas supply chains and clientele, which are especially susceptible to the threats posed by these attacks.
Our survey data reveals that businesses are undoubtedly aware of what solutions must be invested in to offset these threats. Data Loss Prevention technology (49%) regulation compliance solutions (49%) and security for the endpoint (40%) were identified as the largest investment areas for organisations after the UK leaves the EU.
What is good to see is that all of these solutions directly respond to the threats that firms have classified as posing the greatest risk in the run-up to Brexit.
Also of interest: Brexit could impact the UK’s ability to deter cyber attacks, experts warn
Addressing the threats
To address these developing threats, it is crucial that firms have suitable software in place. Companies must be able to perform two main actions: operate a suite of tools designed to ensure compliance with evolving regulation and provide protection from sophisticated threats such as malware, phishing and illicit data transfer.
Together with increased spending on software solutions, organisations must allocate resources to training employees so that they will be able to recognise the countless forms of hacking.
The aim is to ensure that workers can recognise threats and respond accordingly. This will allow organisations to detect, identify and address the myriad of risks that will arise as the Brexit-induced confusion approaches.
Political change often brings confusion to the table, and confusion is highly appealing to those opportunists trying to exploit it. The only way to ensure that companies can face the cyber threats that will arise as a consequence of the Brexit turmoil, is to be prepared.
Increasing cyber security spending guarantees that firms will be equipped with the tools and resources needed to combat cybercrime in the uncertain times ahead.