WGPlus (Archive)
It’s like an ‘perpetual state of war’ where individual ‘battles’ may be won but one knows there will always be others to be ‘fought’ |
The Cyber Security Breaches Survey 2017 reveals nearly 7 in 10 large businesses identified a breach or attack, with the average cost to large businesses of all breaches over the period being £20,000 and in some cases reaching £ms. The survey also shows businesses holding electronic personal data on customers were much more likely to suffer cyber breaches than those that do not (51% compared to 37%). The most common breaches or attacks were via fraudulent emails - for example coaxing staff into revealing passwords or financial information, or opening dangerous attachments - followed by viruses & malware, such as people impersonating the organisation online and ransomware. Businesses also identified these common breaches as their single most disruptive breach, and the vast majority of them could have been prevented using the Government-backed, industry supported Cyber Essentials scheme, a source of expert guidance showing how to protect against these threats. Small businesses can also be hit particularly hard by attacks, with nearly 1 in 5 taking a day or more to recover from their most disruptive breach. Cyber Essentials, technical advice on CiSP and regularly updated guidance on the NCSC website offers companies, big & small, simple steps that can significantly reduce the risk of a successful attack. All businesses which hold personal data will have to make sure they are compliant with the new General Data Protection Regulation (GDPR) legislation from May 2018. This will strengthen the right to data protection, which is a fundamental right, and allow individuals to have trust when they give their personal data. |
Researched Links: |
DCMS: Almost half of UK firms hit by cyber breach or attack in the past year DCMS Releases Cyber Breach Survey Findings – techUK response Cyber-security Information Sharing Partnership (CiSP) - NCSC Site NCSC publishes new report on criminal online activity NCA: Young cyber criminals motivated by peer respect & accomplishment Home Office: Baroness Shields' speech at the National Security Agency techUK: Building Trust In The Security of Cloud New Quality & Assurance framework open now Advice on managing enterprise security published after major cyber campaign detected Universities of Edinburgh and Warwick become academic centres of cyber excellence Garages, new homes & old offices: the records management mistakes that put health records at risk Phishing awareness training can thwart cyber-attacks NCSC and NCA threat report provides in-depth analysis of evolving threat Many more than 23 Apprentices will be required to meet the UK’s need for cyber security experts Two important news items courtesy of techUK The Hacker Hardened Public Sector Enterprise: Practical Steps to Real Cyber Security Trying to avoid being in a situation of playing ‘catch-up’ Still much more to be done by LAs to comply with Best Practice / Legal Requirements ICO Blog about ‘GDPR’ posted by Jo Pedder, Interim Head of Policy & Engagement Simplifying GDPR Compliance: How to mitigate risk and derive value as you take on the new regulation |