New security breach statistics cause UK Government to urge businesses to protect themselves
The survey is part of the Government’s five-year National Cyber Security strategy to make the UK the safest place in the world to conduct business online. It revealed that close to 50% of businesses in the UK suffered a cyber security attack or breach during the last 12 months.
During this period almost seven in ten large businesses experienced a breach or attack costing them on average £20,000 – in some cases costing millions of pounds in damages. The survey highlighted that businesses holding electronic personal data were more likely to fall victim to a cyber threat.
Fraudulent emails were revealed to be the most common culprit of successful breaches which typically encourage staff to reveal passwords or financial information, or open dangerous attachments. Ransomware, malware and viruses were also reported as common successful breaching methods.
Businesses identified that most of these breaches could have been prevented using the Government and industry supported Cyber Essentials scheme – a prevalent cyber security certification scheme which provides guidance on how to protect against these threats.
APMG International is a Government appointed accreditation body for the Cyber Essentials scheme. The scheme presents businesses with a low-cost cyber security certification process that can be completed entirely online using APMG’s secure online portal.
As an additional step in the Government’s National Cyber Security Strategy – it recently opened the National Cyber Security Centre (NCSC) – an extension of GCHQ. Ciaran Martin, CEO of the NCSC said, “UK businesses must treat cyber security as a top priority of they want to take advantage of the opportunities offered by the UK’s vibrant digital economy.
“The majority of successful cyber attacks are not that sophisticated but can cause serious commercial damage. By getting the basic defences right, businesses of every size can protect their reputation, finances and operating capabilities.
“Cyber Essentials, technical advice on CiSP and regularly updated guidance on the NCSC website offers companies, big and small, simple steps that can significantly reduce the risk of a successful attack.”
APMG is a trusted provider of a wide portfolio of/range of cyber security solutions developed in partnership with the Government. APMG partnered with Dstl to develop the Cyber Defence Capability Assessment Tool (CDCAT®). A comprehensive cyber security assessment option in its own right – CDCAT can also be used to check whether a business meets the requirements for the Cyber Essentials scheme. If a business has the necessary security controls in place to achieve Cyber Essentials – CDCAT will also allow it to check how effectively these controls have been implemented with the aim to improve its security delivery.
The Government views businesses as playing a role in protecting customer data. The results of the Cyber Security Breaches Survey 2017 reinforced the notion that businesses holding personal data are attractive targets for cyber-based threats. The Government has mandated that all businesses which hold personal data will need to be compliant with the new General Data Protection Regulation (GDPR) legislation by May 2018. Amongst other advantages – Cyber Essentials certification enables businesses to address this compliance requirement.