Cyber Attack – Half of UK Businesses Are Unprepared
In the last 12 months, two-thirds of large businesses (those with at least 250 employees) experienced at least one cyber attack or breach, according to the government’s Cyber Security Breaches Survey, released in May. Of those businesses, one-fourth experienced a breach at least monthly.
While about one-third of these incidents involved cyber criminals impersonating the organisations and stealing money (ranging from an average of several thousand pounds to a high of £3 million), the majority involved viruses, spyware or malware that were used to steal data or disrupt systems. If businesses are not adequately protected against these types of cyber attack, they leave their data—including financial and private customer information, bank account numbers and access to social media accounts—vulnerable to cyber criminals.
Yet, while most of these threats could have been prevented using free resources from the government’s Cyber Essentials scheme, only half of all UK businesses have taken any recommended steps to address gaps in their cyber security. And, that is a problem made worse by the finding that only 27 per cent of UK businesses consider cyber security training to be an effective method to prevent attacks, according to research from CompTIA, a global IT industry trade association. However, training is absolutely necessary, since 60 per cent of all security breaches last year were the result of human error, general carelessness or IT staff failures.
To help shore up cyber security for all UK businesses, the government will invest £1.9 billion over the course of the next five years to prevent and address cyber crime. As part of this effort, the government will also develop a new National Cyber Security Centre, which will launch in autumn 2016 and provide UK businesses with cyber security guidance. Also, a new national cyber security strategy, which will outline proposals to improve cyber security, will be published sometime later this year.
In the meantime, there are three simple practices that your business—regardless of size—can implement to bolster your cyber security:
- Provide all employees with training on how to identify and manage cyber security threats.
- Implement the guidance outlined in Cyber Essentials.
Complete the 10 Steps to Cyber Security, if you are a large business
Contact us for more information on how CIEEM Insurance Services can help protect your business.