Cyberattacks should be accounted for in risk management process

When companies perform qualitative risk assessments, they often fail to consider the potential disruption from a sophisticated cyberattack. The frequency and complexity of cyberattacks is increasing, and hackers are more able to breach a company's security detection system, according to a recent study from Frost & Sullivan. Next-generation intrusion prevention systems (NGIPS) are becoming more widely adopted to mitigate the risk of a cyberattack.

Organizations have experienced a rise in long-term, targeted advanced persistent threats, which indicates hackers are better organized and more skilled. Many enterprises continue to install intrusion prevention systems to detect traditional malware, but some are upgrading protection measures as the threats to data security increase. However, the high cost of software upgrades can deter some businesses from investing in new systems. 

Earlier this month, the U.S. government cautioned businesses about the heightened risk of cyber crime could create disruptions for companies that provide critical infrastructure services, such as electricity and water, The Washington Post reported. U.S. officials are increasingly concerned about data breaches on authorized computer networks, and have warned that cybercriminals are probing into computer systems that control chemical, electric and water plants. Federal agencies are increasing efforts to share information about potential cyberattack risks with infrastructure industries and encouraging computer network security. 

Although such attacks are rare, targeted cybercrime could cause a severe business disruption. While data security breaches are a risk for many industries, the government warned it would be particularly damaging for infrastructure providers, The Washington Post stated. The government issued specific measures that could be taken and gave detailed descriptions of tactics used to gain access to company networks. Adequate measures to prevent data security breaches are important for the risk management process.