Cybercrime has long-needed to become a critical priority for authorities, but government lethargy is not the primary reason it is currently flourishing.

It’s a shocking state of affairs when organisations face a global conspiracy to defraud.

In fact, cyber is increasingly being used by governments as a powerful political weapon as nation-states employ cyberspace as a defensive and offensive strategic platform at times of geopolitical difference.

Exploiting cyberspace further allows both governments and rogue groups to gain a foothold in critical industries, exploiting information platforms and destabilising important computer functions in the process.

Organisations should be wary of falling into the populist trap of blaming the Russians or Chinese. Cyber is the offensive weapon of the USA and in particular EU governments.

The impact, frequency, and intensity of ransomware has increased significantly, presenting companies with financial, regulatory, operational and reputational challenges that in some instances are impossible to recover from.

In the UK, legislation requires organisations that experience a ‘covert cyber incident,’ to report the issue to the Information Commission Office no later than 72 hours after the entity ‘reasonably believes’ an incident has occurred, unless there is no evidenced risk to individuals’ rights and freedoms.

However, no such compulsion exists when it comes to reporting cybercrime to law enforcement.

The deepest fear for companies is reputational damage. Top executives have to balance promoting a positive image to enhance competitive advantage, against the level of disclosure required.

A softly, softly approach will only allow cybercrime to mushroom exponentially. The vacuum left by government inattention and covert operations against other nations is positioning businesses to lose out whichever way they turn.