Preparing for a zombie attack? Mind the cyber security risks first

By : Robin Angus

June 24, 2014 03:00 PM

The undead may not be walking the streets, but the issue has taken on new resonance after the Centers for Disease Control and Prevention issued its now famous Zombie Apocalypse campaign.


Starting as a tongue-in-cheek approach to disaster planning, it has become an incredibly successful way of engaging both individuals and businesses about what to do in the event of an emergency.


CDC director Dr. Ali Khan comments: "If you are generally well equipped to deal with a zombie apocalypse you will be prepared for a hurricane, pandemic, earthquake or terrorist attack."


The same also applied for large disruptive events, such as the Commonwealth Games in Scotland or the World Cup in Brazil, both of which are taking place this summer and both of which will need proper planning. (Although as parts of the recent Zombie blockbuster "World War Z" with Brad Pitt were actually filmed in Glasgow, perhaps it was all part of the planning for the upcoming commonwealth games?)


The need to be prepared also goes for banks and other financial institutions. If the zombies are coming, there is a fair bet your ATMs are going to be drained of cash by fearful customers. If you’ve got a great cash management solution, it’s not that you really need to worry, but the concept raises questions about how a bank, or any other business, can prepare for the unexpected. This could be on a grand scale–global pandemic and financial meltdown–or it could be something a lot more mundane, but very disruptive to customers, like an ATM going out of action for a few hours on a busy Saturday during the holidays.


However, as much as the zombie apocalypse threat is thought-provoking, banks and other financial institutions need to lower their sights to the more pressing demands of cyber security.


Britain’s financial services sector was warned recently to up its game in relation to cyber attacks, after the Bank of England published the results of its simulated assault on markets. The Waking Shark II project, which modeled a concerted attack on the UK’s financial institutions, shows a lot more can be done.


For banks the issue around cyber security goes deeper as businesses in general are not prepared, meaning they could be allowing important financial data to be breached. One new study from the Economist Intelligence Unit found over a third of firms (38 per cent) do not have an incident response plan in place should a cyber attack take place. Just 17 per cent of companies globally even claim to be "fully prepared" for an online security incident. I wonder if we’d actually find more people are prepared for a zombie attack than a cyber attack?


So forget the zombies, the real disaster is in our unpreparedness for a major cyber attack. As the EIU report suggests, it’s a matter of when, not if, one occurs.