Cybercrime is on the rise, with recent figures indicating that UK local authorities have paid out £10 million over the past five years alone due to cyber-attacks.
This is of obvious concern and begs the question, what has led to this increase in attacks and how can organisations and businesses protect themselves?
It is probably fair to say that businesses are more ‘online’ than ever before, largely owing to the Covid-19 pandemic – with organisations embracing digitalisation as a means of improving online/remote access to their services.
Moving towards a more digital way of doing business has numerous benefits in terms organisational agility and resilience, but unfortunately has also served to highlight the real and ever-present risk of cyber-attack.
According to recent statistics published by insurance broking and risk management services provider Gallagher, local authorities within the UK are experiencing an average of 10,000 attempted or successful cyber-attacks every single day and have seen a 14 per cent year-on-year increase in incidents to over two million so far this year.
The data also reveals that phishing attacks are by some margin the biggest threat facing local authorities, with 75 per cent of those surveyed saying these were the most common form of attack.
Distributed denial of service (DDoS) attacks were the second most common type of attack and ranked as the top threat for 6% of respondents.
These are worrying figures, as cyber-attacks have the potential to cripple organisations and can have longstanding detrimental effects on reputation, efficiency and finances.
Perhaps even more concerning is that this threat is not limited to councils or local government, businesses across all sectors are vulnerable to cyber-attacks.
Gallagher research revealed that 15% of UK business owners cite cyber-crime is one of their biggest risks, specifically driven by the increased reliance on technology post-pandemic.
Therefore, utilising appropriate safeguards to protect data should be a number one priority for all businesses as when it comes to business cyber security, it is always better to take a proactive approach.
There are a several ways businesses can enhance their cybersecurity, including setting secure passwords (password123 won’t cut it!), enabling multi-factor authentication and limiting access to confidential data.
It is also recommended that organisations work with external experts to undertake a cyber risk assessment which can help identify necessary security measures including firewalls, anti-virus protection, penetration testing and endpoint security – all valuable tools for protecting data, reputation and future growth prospects.
Businesses should also be aware of the potential risks associated with third-party suppliers and whether they operate in a sector that is especially vulnerable to attack.
The cyber essentials certification is also an important consideration for business organisations, as this government backed scheme can afford additional protection against a variety of common cyber-attacks.
By taking appropriate protective action, businesses across all sectors can avoid the potential devastating results of successful cyber-attacks.
With the threat of cyber-crime continuing to grow, it is never too early to act.