Not so long ago, Cyber Security was an abstract concept to many of us – an issue that impacted multi-national corporations with huge databanks. Nowadays, the scope and scale of cyber threats mean we must all be alert and protected…
On a micro level, someone in Berkshire might notice a glitch on their grocery shopping app. On a macro level, a cyber attack on western financial institutions might be launched from Belarus. Suffice to say, this is now a critical issue for individuals and organisations alike.
Our friends at the excellent Enterprise Nation website report that almost a third of UK companies targeted by cyber fraudsters are attacked at least once a week. The annual Cyber Security Breaches Survey by the Department for Digital, Culture, Media and Sport, said cyberattacks are becoming more frequent with firms reporting more breaches over the past year.
The most common threat was phishing attempts, experienced by 83% of businesses, while 21% identified more sophisticated actions such as a denial of service, malware, or ransomware attack. For those businesses suffering a loss of money or data, the average cost of cyber attacks was £4,200.
When it comes to how businesses can leave themselves open to cyber threats, the report said one of the reasons companies are more likely to suffer a breach is if they use a managed service provider (MSP). An MSP is a supplier of IT services to businesses. For small businesses, this is commonly a central function such as payroll, HR, and IT.
The report found that 36% of micro-businesses and 57% of small companies used at least one MSP, but only 13% of firms of all sizes reviewed the cyber risks posed by suppliers.
Not prioritising cyber security when selecting an MSP was especially true for smaller organisations. “They prioritised the price of procuring the MSP as well as the overall quality of service they would offer,” the report said.
Scott Tees, a veteran of the Royal Military Police and formerly the national lead for Police Scotland’s Cybercrime Harm Prevention Team, runs the consultancy firm Decode Cyber Solutions. He believes that cybercriminals will continue to adapt their methods, which is why it’s essential that businesses make it difficult for them by taking appropriate proactive measures to keep themselves and their staff safe and secure online.
“Who would want to target me? This is a not too uncommon question when referring to cyber security and the potential online risk to businesses and charities,” Scott explains.
Realistically, we are all potential targets. Just like criminals in days gone by, who may have looked for an unlocked door in your home or a window left open in a car, cyber criminals will look to exploit easy targets, those with online vulnerabilities.
The most common threat remains scam emails (aka ‘phishing’ attempts), those tactics used to trick people into carrying out some act that ultimately helps facilitate an organisation being subjected to a cyber-attack.
This is why it is essential that organisations adopt an appropriate attitude and organisational culture towards cyber security, that they invest in appropriate technical safeguarding measures, draft appropriate, ‘workable’ policies and procedures that promote good cyber hygiene and ensure that their staff have sufficient awareness and ‘ongoing training’ that will help them prevent falling victim of cyber criminals.”
Scott is the keynote speaker for our Military In Business® online event on the 20th of April – if you’re serious about cyber, be sure you attend this free networking session.
To read the full Enterprise Nation article click here.