The importance of cyber security

Deborah Jepson

Security breaches, hacking, viruses, malware & phishing

Cyber security breaches: They are all over the news:

This August, the Police Service of Northern Ireland (PSNI) shared names of all police and civilian personnel, where they were based and their roles in unencrypted form. The details were then published online.

Only the day before, we learned that the UK’s elections watchdog was the victim of a “complex cyberattack” potentially affecting tens of millions of voters. Hackers had managed to gain access to copies of the electoral registers, accessing personal information of voters from August 2021 as well as breaking into emails and internal control systems.

And then back in July, we see data belonging to the University of the West of Scotland (UWS) has been put up for auction by an extortion cybergang. The incident has affected staff laptops, shut off around half of the university’s IT systems, and affected student submissions.

An alarming number of breaches at businesses & charities

According to the UK Government Official Statistics, the Cyber Security Breaches Survey 2023 reveals that around a third of businesses (32%) and a quarter of charities (24%) have experienced a cyber security breach or attack in the last 12 months.

This accounts for approximately 462,000 businesses and 48,000 registered charities.

Percentage of organisations that have identified breaches or attacks in the last 12 months

Source: Cyber Security Breaches Survey 2023

The report goes on to state that across all UK businesses, there were approximately 2.39 million instances of cyber crime and approximately 49,000 instances of fraud as a result of cyber crime in the last 12 months. Across charities, there were approximately 785,000 cyber crimes over this same period.

The education sector is also a target

And all types of education institutions are more likely to have identified cyber security breaches or attacks in the last 12 months than the average UK business.

Alarmingly, half (50%) of higher education institutions and three in ten further education colleges (31%) reported experiencing breaches or attacks at least weekly.

Percentage of organisations that have identified breaches or attacks in the last 12 months

What is cyber crime?

Cyber crime involves gaining unauthorised access, or causing damage, to computers, networks, data or other digital devices, or the information held on those devices. Examples of cyber crime include hacking or unauthorised access into online accounts (eg. banking, email or social media accounts), denial of service attacks, or devices being infected by a virus or other malicious software (including ransomware) as well as phishing attacks where staff unintentionally open an attachment in an email.

The most common form of cyberattack

The most common breach is phishing – such as staff receiving fraudulent emails or being directed to fraudulent websites. This is followed by others impersonating organisations in emails or online and then viruses or other malware.

Source: Cyber Security Breaches Survey 2023

Four in ten businesses (40%) and a similar proportion of charities (38%) say these breaches occur once a month or more often.

A fifth of businesses (21%) charities (19%) say they experience breaches or attacks at least once a week.

How secure is your organisation?

Cyber threats are here to stay – and are becoming more and more sophisticated.

Every organisation in every sector holds vast amounts of valuable data – personal data of children, staff bank accounts and addresses, medical records, and much more. This data is your most valuable asset and needs to be protected.

From password policies and agreed processes around phishing to a VPN for staff connecting remotely and rules for storing and moving personal data securely, how resilient is your organisation to cyber incidents?

Boost your cyber resilience

Cyber security needs to become a top priority for everyone – large enterprises, public sector organisations, SMEs, schools, and charities – no-one is exempt, and we all have the potential to be hacked.

From developing a formal cyber security strategy and deploying malware protection, to staff training about phishing and becoming independently certified by the government-endorsed Cyber Essentials scheme, there are several steps you can introduce to better protect your organisation from the threat of cyber crime.

Are you aware of your Microsoft 365 security score and what you need to do to improve it? Contact us to discuss how we can help you and read more how we help organisations become prepared and protected against cybercrime right here.