The UK is developing a keen focus on cyber crime but will it be sufficient to push cyber security into the boardrooms of UK plc in time to mitigate the growing cyber risk? We think we know what has to be done but the cyber crime data we have to work with in assessing this risk is flawed in many ways. This is a potential stumbling block in effectively communicating the threat to our nation’s C-suite.

UK plc has taken a tough stance on cyber crime. Positioned at the leading edge of tackling this global threat, the UK is affiliated with all the right people to help move the global response forward, such as Five Eyes Alliance, the EU, G8 cybercrime working groups, Europol and Interpol. Andy Archibald, Head of the National Crime Agency’s (NCA) National Cyber Crime Unit (NCCU), has a keen focus on driving improvement in this vital area. But in the UK, our ability to fully grasp the scale and cost of cyber crime could be hampered by the quality of the statistics available, if a research report from the Home Office is correct. How cyber crime is reported (or not), prosecuted and therefore reported back to the public, is inconsistent and unreliable. This patchy understanding does not help us when it comes to strategising response and mitigation and could potentially lead to assumptions and the unintended consequence of actually creating more risk. We do not know the real scale of cyber crime nor do we have an accurate picture of what it is costing us every year. Current estimates run between £15bn and £28bn. Given that kind of scale, it seems whatever the actual figure, it probably looks more like a telephone number.

Jul-Sep 2014 Issue

Advent IM Ltd