WGPlus (Archive)

It’s like a ‘perpetual state of war’ where individual ‘battles’ may be won but one knows there will always be others to be ‘fought’

The Cyber Security Breaches Survey 2017 reveals nearly 7 in 10 large businesses identified a breach or attack, with the average cost to large businesses of all breaches over the period being £20,000 and in some cases reaching millions of pounds. The survey also shows businesses holding electronic personal data on customers were much more likely to suffer cyber breaches than those that do not (51% compared to 37%).

The most common breaches or attacks were via fraudulent emails - for example coaxing staff into revealing passwords or financial information, or opening dangerous attachments - followed by viruses & malware, such as people impersonating the organisation online and ransomware.

Businesses also identified these common breaches as their single most disruptive breach, and the vast majority of them could have been prevented using the Government-backed, industry-supported Cyber Essentials scheme, a source of expert guidance showing how to protect against these threats.

Small businesses can also be hit particularly hard by attacks, with nearly 1 in 5 taking a day or more to recover from their most disruptive breach. Cyber Essentials, technical advice on CiSP and regularly updated guidance on the NCSC website offer companies, big & small, simple steps that can significantly reduce the risk of a successful attack.

All businesses which hold personal data will have to make sure they are compliant with the new General Data Protection Regulation (GDPR) legislation from May 2018. This will strengthen the right to data protection, which is a fundamental right, and allow individuals to have trust when they give their personal data.

Researched Links:

DCMS:  Almost half of UK firms hit by cyber breach or attack in the past year

DCMS Releases Cyber Breach Survey Findings – techUK response

Cyber-security Information Sharing Partnership (CiSP) - NCSC Site

NCSC publishes new report on criminal online activity

NCA:  Young cyber criminals motivated by peer respect & accomplishment

Home Office:  Baroness Shields' speech at the National Security Agency

techUK:  Building Trust In The Security of Cloud

New Quality & Assurance framework open now

Advice on managing enterprise security published after major cyber campaign detected

Universities of Edinburgh and Warwick become academic centres of cyber excellence

Garages, new homes & old offices: the records management mistakes that put health records at risk

Phishing awareness training can thwart cyber-attacks

NCSC and NCA threat report provides in-depth analysis of evolving threat

Many more than 23 Apprentices will be required to meet the UK’s need for cyber security experts

Two important news items courtesy of techUK

The Hacker Hardened Public Sector Enterprise: Practical Steps to Real Cyber Security

Big muscles not required!

Need to take action?

Trying to avoid being in a situation of playing ‘catch-up’

Less physical violence but emotionally the damage is just as great and can ‘ruin’ retirement plans, etc.

Not just GDPR to worry about; Blog posted by: Jo Pedder, Interim Head of Policy & Engagement at ICO, 06 April 2017

Still much more to be done by LAs to comply with Best Practice / Legal Requirements

ICO Blog about ‘GDPR’ posted by Jo Pedder, Interim Head of Policy & Engagement

Simplifying GDPR Compliance: How to mitigate risk and derive value as you take on the new regulation

How Lambeth Council undertakes effective know your citizen (KYC) / ID checks to prevent fraud