March 9th 2018
IT Security | Do you have a weak link?
BUSINESS CYBERCRIME STATISTICS
Cyber Attacks are on the rise, according to an IT Governance Blog, in January 2018 there were 7,073,069 data breaches and cyber-attacks, just in that one month. These are most likely small-scale attacks that are easier to carry out, therefore frequent.
But, let’s not forget the May 2017 worldwide WannaCry ransomware outbreak, which according to the NCSC 2017 Annual Review, affected over 100 countries and over 230,000 computers. What made headline news in the UK was that the ransomware affected 47 NHS trusts and foundations who did not have sufficient security to protect themselves from the attack.
Shockingly, Big Brother Watch had reported that between 2013 to 2017, UK local authorities have been targeted to at least 98 million cyber-attacks, and that out of 395 UK local councils, 114had reported that they had experienced at least one cybersecurity incident within that time period.
EXACTLY, HOW BIG IS THE THREAT OF CYBERCRIME?
Very big. Statistics from Microsoft say that the total cost of cybercrime to the global economy could be as high as £355 billion, which is more than the GDP of Belgium. And, according to Cybersecurity Ventures, cybercrime will cost the world £4.3 trillion annually by 2021, a figure that is based on historical statistics that include a year-over-year growth of cybercrime.
If you’re wondering if cybercrime is a threat to your business, you should be. Research from Beaming revealed that in 2016, more than half of British businesses fell victim to some form of cybercrime at the cost of £29.1 billion. This is up £8.1 billion from the £21 billion figure reported by Detica in 2011. Additionally, the report concluded that the most targeted and affected businesses were:
- Software & Computer Services
- Pharmaceutical Services
- Financial Services
- Electronic & Electrical Equipment Suppliers
- Biotech Industry
WHAT IS THE COST OF CYBER-ATTACKS TO A BUSINESS?
But, how could a cyber-attack affect your business? Well, the UK government’s Cyber Security Breaches Survey 2017 concluded that the average cybersecurity breach for a small to medium-sized business had cost £1570, and to a large business £19,600.
STATS FROM UK BUSINESSES
Here is some interesting data from a report commissioned by the Department for Digital, Culture, Media & Sport which took into account a telephone survey from 1523 UK businesses(Oct 2016 to Jan 2017) and 30 in-depth follow-up interviews (Jan-Feb 2017) to businesses that took part in a telephone survey.
61% of businesses hold their customer’s personal information online, which shows why businesses are a big target of cyber-attacks. However, only 11% of those businesses have a cybersecurity incident management plan in place, even though 46% had identified at least one breach or attack in 2016.
WHAT ARE THE MOST COMMON CYBERSECURITY BREACHES?
Fraudulent emails are the most common type of breach, with 72% of cases where firms had identified a breach. This makes sense because 91% of businesses in the survey have an email address for their organisation or employees, which is the most popular form of online service that the businesses employ.
The next most common breach are viruses, malware and spyware with 33%. And following, the next most common cybersecurity breach is impersonation of the organisation online or in an email.
This data is roughly backed up by the Beaming Press Release which had a much larger business database to take in.
WHAT ARE BUSINESSES DOING TO PROTECT THEMSELVES FROM CYBER-ATTACKS?
Quite frankly, businesses aren’t doing enough to protect themselves. The Cyber Security Breaches 2017 Survey also reported that even though more than half of businesses hold their customer’s personal data online, only 58% of businesses have hunted down more information or guidance on the cyber threats that they have faced over the past year.
52% of businesses have carried out the essential security recommendations across the five areas that are laid out under the Government-endorsed Cyber Essentials scheme. While a further 57% have tried in the past to identify any cybersecurity risks that they could face to prepare themselves.
Even though fraudulent emails or phishing requires a business’s staff to interact, only 20% of businesses provide their staff with cybersecurity training and only 33% have formal policies regarding cybersecurity in place.
Only 67% of businesses have invested on their cybersecurity, with 87% of those businesses being of medium size (50 to 249 employees) and 91% of those businesses being large-sized (250+ employees). This is probably because the bigger a business is, the more customer data they will usually have, meaning more data for cybercriminals to steal or blackmail the businesses with.
WHAT SERVICES DO YOU PROVIDE THAT CAN PROTECT MY BUSINESS FROM CYBERCRIME?
The risk of breach is getting higher and higher, as well as the severity. We offer a range of cost-effective IT Solutions, from our Online Disaster Recover Service to back up your valuable files and emails, to an Antispam Solution to filter out any malicious emails from reaching your staff, to our Antivirus service that protects you from known viruses whilst also protecting you from new viruses that haven’t even been detected yet.
We even offer a Phishing Experiment to test your employees understanding of the potential phishing threats that are out there. We will randomly send out emails to your staff to test their gullibility, whether it be an email that impersonates your Finance Team asking your staff to ‘validate’ their account details or an email that impersonates your Head of IT to get your staff to send over their current passwords. At the end of the experiment, we will send a report so you can see if your staff are knowledgeable and trained in cybersecurity.
Our Managed IT Service can provide you with a tailored IT support service, to manage any problems and maintenance that is specific to your business. Keeping everything up-to-date will, in turn, reduce the risk of cyber-attacks against your business.
However, if you just want the basics, we can make sure that your business is able to cover the essential security recommendations that are advocated by the Government-endorsed Cyber Essentials scheme. Just email us at email@example.com or call us on 0343 507 1111 for more information.