ICAEW members and guests gathered at Jumeirah Emirates Towers in Dubai on Sunday, to discuss the threat of cyber-attacks on organizations. Panellists included Patrick MacGloin, Middle East cyber risk and privacy leader at PwC; Nick O'Connell, partner, technology, media and telecommunications at Al Tamimi and Company; Darren Mullins, director, forensic technology at Deloitte Corporate Finance; Simon Dodsworth, SVP, MENA regional head, financial and professional risks at Marsh; and Ben Downton, principal consultant at MWR InfoSecurity and Control Risks. The discussion was moderated by David Petrie, head of corporate finance at ICAEW. The Lord Mayor of the City of London, Alderman The Lord Mountevans, delivered the keynote address. He said, "The digital age, which brought the world ever closer to trade, innovation and accountability, has also brought new and dangerous cyber threats — these are unseen, intangible and largely unmeasured. "Cyber-attacks don't recognize borders and cost businesses as much as £400 billion every single year. In order to fight cyber-attacks, cyber-security has to be globally ambitious and must work internationally with all parties." Panellists agreed that there is no easy solution to respond to cyber-attacks; they are becoming more focused, innovative and global. Cyber-risk is a business risk that must be managed within an overall information and risk-management framework. Michael Armstrong, FCA and ICAEW regional director for the Middle East, Africa and South Asia (MEASA), said: "The fight against cybercrime has created a market for cyber-security practitioners, which is expected to grow from $75 billion in 2015 to $170 billion by 2020. Cyber-security criminals are more sophisticated, bold and resilient than ever. Understanding your risk profile is essential for protecting your business. Organizations must know the assets that need protection from cyber-attacks and the various threats that might hit their business." Speakers agreed that among the simple measures businesses can take are: * Identifying where the value lies in what their business is doing * Knowing the weak points of the business * Understanding to whom data is given * Understanding what needs to be done to mitigate risks * Asking if they have a plan in place for cyber-attacks Regarding mergers and acquisitions, panellists encouraged advisors to keep their communications as simple as possible and minimize the number of people involved in each deal. They also suggested protecting communications, the devices used, and implement cyber-security assessment with each M&A deal. David Petrie said, "No organization or transaction is immune to the challenges posed by cyber security. As with any risk, the key to effective management is identifying and understanding the threats, level of the risks involved and putting in place security measures that are appropriate and proportionate to address them" Speakers debated the benefits of stimulating attacks as part of a business' cyber-security strategy. While some speakers recommended running such attacks to evaluate the level of response of the cyber-security systems, other speakers were anxious about the negative effects such attacks could have on businesses. The event was attended by almost 100 ICAEW members and senior business representatives from the major global and regional financial organizations. ICAEW is a world leading professional membership organization that promotes, develops and supports over 146,000 chartered accountants worldwide. It provides qualifications and professional development, shares knowledge, insight and technical expertise, and protects the quality and integrity of the accountancy and finance profession. As leaders in accountancy, finance and business our members have the knowledge, skills and commitment to maintain the highest professional standards and integrity. Together we contribute to the success of individuals, organisations, communities and economies around the world. — ICAEW is a founder member of Chartered Accountants Worldwide and the Global Accounting Alliance.
