In the last 12 months, two-thirds of large businesses (those with at least 250 employees) experienced at least one cyber attack or breach, according to the government's Cyber Security Breaches Survey, released in May. Of those businesses, one-fourth experienced a breach at least monthly.
While about one-third of these incidents involved cyber criminals impersonating the oganisations and stealing money (ranging from an average of several thousand pounds to a high of £3 million), the majority involved viruses, spyware or malware that were used to steal data or disrupt systems. If businesses are not adequately protected against these cyber threats, they leave their data- including financial and provate customer information, bank account numbers and access to social mediaa accounts- vulnerable to cyber criminals.
Yet, while most of these threats could have been prevented using free resources from the government's Cyber Essentials scheme, only half of UK businesses have taken any recommended steps to address gaps in their cyber security. And, that is a problem made worse by finding that only 27% of UK businesses consider cyber security training to be an effective method to prevent attacks, according to research from CompTIA, a global IT Industry trade association. However, training is absolutely necessary, since 60% of all security breaches last year were the result of human error, general carelessness or IT staff failures.
To help shore up cyber security for all UK businesses, the government will invest £1.9 billion over the course of the next five years to prevent and address cyber crime. As part of this effort, the government will also develop a new National Cyber Security Centre, which will launch in autumn 2016 and provide UK businesses with cyber security guidance. Also, a new national cyber security strategy, which will outline proposals to improve cyber security, will be published sometime later this year.
In the meantime, there are three simple practises that your business- regardless of size-can implement to bolster your cyber security:
1. Provide all employees with training on how to identify and manage cyber security threats.
2. Implement the guidance outlined in Cyber Essentials
3. Complete the 10 Steps to Cyber Security, if you are a large business