Image Source: Pixabay
As the world becomes more connected, business is no longer bound by physical borders. So much of today’s business is conducted online, and while this connectivity has given rise to many new opportunities, it has also brought along unprecedented threats. One such threat is the increased possibility of cyberattacks.
Studies show that few nations feel like they are protected from cyberthreats and have the capabilities to formidably respond to attacks. As stated in an article by Maryville University, a whopping 83% of the 3,400 ISACA (Information Systems Audit and Control Association) members across 129 countries agree that cyberattacks are in the top three threats businesses face today.
The Crippling Costs of Cyberattacks
Consider the infamous “WannaCry” attack of 2017 that affected organizations across 157 countries in the world. The attack used a type of ransomware that locked a user’s data, only to release it once a ransom was paid. According to a report by The Council on Foreign Relations (CFR) titled, “Increasing International Cooperation in Cybersecurity and Adapting Cyber Norms,” the total cost of the WannaCry attacks was over $1 billion. Soon after, other attacks followed, such as the “NotPetya/Petya” attacks. While NotPetya/Petya was brief in comparison, it had devastating effects, wiping out computers and erasing data from the targeted systems. In fact, the attack cost container ship operator Maersk $300 million.
Additionally, a report by AGN that covers the proceedings of the Global Business Voice (GBV) panel showed that 40% of the panel felt that their clients had suffered costs due to cybercrime. These costs are not just financial but material in nature, too. This is because below-average cybersecurity measures hamper businesses not only from protecting financial assets, but also do not allow executives to safely collaborate with each other, travel internationally, or hire teams from overseas.
Specifically, as we’ve mentioned in a previous article, technology has removed many of the barriers to working remotely. Today, a business team can be comprised of individuals sitting in different countries across the world, all working on the same project at the same time. However, secure online connections are necessary to ensure that these sorts of business ventures aren’t compromised. Even one tiny breach in cybersecurity can affect the business on multiple levels.
Thus, the effects of a cyberattack can be crippling in a variety of different ways. Unfortunately, while cyberattacks of the past have had a wide-scale impact, the coming years are likely to see attacks that are even more destructive. To quote the CFR Report, “a major cyberattack on a cloud services provider such as Amazon could trigger economic losses of up to $53 billion, a figure on par with a catastrophic natural disaster such as Hurricane Sandy, which hit much of the eastern United States in 2012.”
What Needs to Be Done
With this in mind, cybersecurity measures have never been more important for international business. Those who aim to successfully conduct business internationally can no longer get by with basic cybersecurity systems in place. Advanced security measures, as well as employing professionals who thoroughly understand cybersecurity, are now necessities for any internationally operating organization. As stated by Ohio University, all employees of an organization need to undergo cybersecurity training to ensure the business can thrive internationally. Cyber awareness training includes:
- Identifying data assets and examining the existing protective measures for said assets
- Instituting protective measures for threat detection, as well as alerting the relevant professionals about suspicious cyber activity
- Implementing an emergency response plan in the event a cyberattack does take place
- Discussing recovery procedures for the aftermath of an attack
Cyber awareness training programs are integral for international businesses, especially those that employ workers across the world with different levels of cyber knowledge. Ultimately, cybercriminals always target the weakest link, and currently, the weakest link in the chain happens to be the end-user — one with little or no knowledge of cybersecurity. Training employees on how to catch red flags when it comes to cybersecurity is one way to thwart cybercriminals’ attempts.
On a macro level, there is much that countries can do to protect businesses against cybercrime. Consider the Schengen Information System (SIS), Europe’s most shared information security system. The SIS contains about 79 million records and is used to protect Europe from all forms of terrorism, as well as prevent it. Recently, a set of new rules to further improve the SIS have been implemented. These include a new obligation on the part of member states to inform on any terrorism alerts of threats, giving national authorities more power to combat terrorism. Additionally, there are also updated data protection rules in place that follow the standards on data protection, including “General Data Protection Regulation and the Police Directive.”
Measures such as these make international business more viable, by both preventing and protecting individuals and organizations from threats. Collaboration amongst countries, as is seen via the SIS, is key to fighting cyberterrorism — a threat that transcends national boundaries. The SIS makes for an inspiring example — other countries would do well to follow suit in terms of coming together to fight cybercrime, rather than simply tackling the issue on an isolated national scale.
Ultimately, cybersecurity is intrinsically connected with the success of international businesses. As technology develops even further, the frequency of cyberattacks, and the subsequent cost to companies, is bound to increase. Even so, few businesses are prepared to deal with a cyberattack and fully recuperate from its consequences. The lack of preparation can be attributed to serious knowledge gaps when it comes to cybersecurity, as well as the fact that businesses don’t seem to be taking this threat seriously enough.
As stated by Malcolm Warn, AGN CEO, “It’s not clear that businesses are thinking of cyber risks as an immediate and urgent business continuity issue. Few will operate without insurances and contingency plans for physical events like fire or flood, but arguably the risk to business from cyberattack is both more likely and harder to assess and plan for.”
The reality of the matter is that international businesses need to prioritize cybersecurity and implement it into their business emergency preparedness plan. Without adequate cybersecurity, the continuity of internal businesses remains at risk.