‘The Cyber Threat to UK Business’, the first joint report by the new National Cyber Security Centre (NCSC) and the National Crime Agency (NCA), presented a rather disheartening outlook for the digital safety and security of UK organisations. In fact, three months after it became operational in October 2016, the NCSC has had to address 188 high-level cyber attacks.
The report also identified current trends in cyber threats, which include the following:
- The technical skill required to successfully carry out a cyber attack continues to decrease, as malware and services, such as distributed denial of service (DDoS) attacks, can be acquired on the dark web without much difficulty.
- The ever-increasing number of internet-connected devices—including mobiles, wearables and smart appliances—provides cyber criminals with significant opportunities for attacks.
- Threat actors, which are either individuals or software that are responsible for incidents that breach an organisation’s security, are learning skills and methodologies from one another.
Multinational defence and security company, BAE Systems has produced a different survey which also paints a bleak picture for digital safety. According to their survey, despite the fact that 79% of surveyed UK organisations have some type of cyber defences, 57% of those organisations have experienced at least one cyber attack within the last 12 months.
More importantly, 35% of UK businesses have admitted that even after a cyber security incident, they have not changed their behaviour or digital safety systems. On average, cyber attacks cost organisations £330,000. This doesn’t even include the cost of business disruptions or the loss of reputation. The case is certainly clear for businesses to look much more closely at protecting themselves from the threat of cyber attacks.
The good news is that 28 per cent of UK businesses indicate they plan on taking out cyber cover this year in response to these cyber threats and 59 per cent plan on increasing their cyber security budgets, according to industry research. To protect your business, the NCSC has offered the following advice:
- Report cyber attacks to Action Fraud at 0300 123 2040.
- Invest in cyber security, which should include robust anti-virus and malware detection software, as well as cyber cover.
- Provide your employees with basic cyber security training, which outlines risky online behaviour.
For more help managing cyber risk, please speak to a member of one of our commercial teams today.