The Government has recently published its Cyber Security Breaches survey results to help make the UK cyber space a secure place to do business. The results show that in the last 12 months, a massive 39% of UK businesses identified a cyber-attack. Our blog below highlights the financial risks of a cyber security breach as well as some tips to help you keep your business safe.
Why are cyber-attacks increasing?
Since the Covid-19 pandemic, many organisations have changed the way they work. This includes less people in the office and more people working from their computers, accessing the internet and cloud via multiple devices at home. Hackers are taking advantage of this change accessing the increasing number of entry points and seeking opportunities to target unsuspecting employees and vulnerable businesses.
The Government’s survey results revealed that 31% of businesses and 26% of charities estimate they were attacked at least once a week in the last 12 months, and that only 19% of businesses have a formal incident response plan in place when a security breach incident occurs - suggesting that organisations need to do more to protect themselves from future attacks.
Phishing attempts
Of the 39% of UK businesses who identified an attack in the government survey, phishing attempts were recognised as the most common threat – an alarming 83%. Examples of these types of attacks can include:
- Invoice redirection – Posing as a known creditor or supplier, fraudsters make contact via a number of different channels, to tell you their company’s bank details have changed, providing new sort code and account numbers. Always check with your contacts via a separate communication whether this is actually true.
- Bogus boss – Bogus emails are sent to staff claiming to be from a senior member of staff within the organisation such as a Director, CEO or Chairman etc. requesting an urgent payment. They will often say that the payment is needed due to exceptional circumstances and needs to be carried out immediately.
- Fake HMRC email – Fraudsters send an email with a subject that reads “You have received new messages from HMRC” or “Unsuccessful submission for Reference 039-QV73259” and using a ‘from’ name such as “Gateway Confirmation”. Although the body of the email will have the HMRC logo and reference the legitimate web address www.gov.uk – this is not a genuine email from HMRC; it is a very believable scam email.
Cost of a cyber attack
For medium and large businesses, a figure of £19,400 was reported as a material outcome resulting from all cyber-attacks in the last 12 months, such as loss of money or data.
Attacks can take valuable time away from your business especially when threatened by a denial of service, malware, or ransomware attack, and as we all know, time is money!
The figures could be much higher if your business is impacted by the loss of customers or employees who decide to go elsewhere having potentially been affected and left violated by a cyber-attack on your business.
How can you reduce your risk of a cyber-attack?
- Take advantage of funding available, for example in the Spring 2022 Statement, the Chancellor announced an initiative to help firms adopt new digital technologies, with Help to Grow: Digital, offering eligible SMEs a 50% discount on approved software worth up to £5,000.
- Speak to a cyber-security specialist or appoint an internal IT team to help implement a strategy covering:
- An audit of security highlighting what is in place and what needs to be implemented, what are the potential entry points for a hacker, etc.
- A formal cyber-attack identification and reporting process
- Analysis of losses to the business
- Evaluation and learnings from a cyber-attack.
- Regular updating of passwords and installing encryption software, ensuring all sensitive customer, employee and business financial data is secure, as well as intellectual property is protected from the wrong hands.
- Train your employees with protocols on how to stay safe when working at home.
- Ensure you have Cyber Insurance in place that could cover you for financial losses incurred as a result of a cyber-attack.
- Take a look at the following guides provided by the National Cyber Security Centre:
Access LWA’s networked services
LWA are happy to provide introductions to our network of clients and contacts if there is a match for your business. To access our Business Support & Networked Services, get in touch with a member of our team in Warrington on 01925 830 830 or Manchester 0161 905 1801, to see if we can help you improve your cyber security protection.