By John Levis
2022-10-26
As we approach the end of October and ever closer to Halloween it’s time to talk about cyber threats and best practices to prevent them. Although this may not seem as fun as trick-or-treating, October is an important time to give you pointers on how to protect your online presence.
In a recent Cyber Security Breaches Survey 2022 there are some spooky key findings.
The survey results show that in the last 12 months, 39% of UK businesses identified a cyber attack, remaining consistent with previous years of the survey. However, we also find that enhanced cyber security leads to higher identification of attacks, suggesting that fewer mature cyber organisations in this space may be underreporting.
Of the 39% of UK businesses that identified an attack, the most common threat vector was phishing attempts (83%). This is a rise from the previous data collected in 2017 which was 72%.
Within the group of organisations reporting cyber-attacks, 31% of businesses and 26% of charities estimate they were attacked at least once a week.
Looking at organisations reporting a material outcome, such as loss of money or data, gives an average estimated cost of all cyber-attacks in the last 12 months of £4,200. Considering only medium and large businesses; the figure rises to £19,400.
Among those that have identified any breaches or attacks, around two-thirds of businesses (62%) take action to prevent further breaches. This is a similar finding to 2021. Significantly fewer charities take action to prevent breaches compared to last year (57% vs. 69% in 2021).
The figures above are spooky but don't worry VeryPC is here to help. We have a range of products to help you prevent future attacks.
The types of breaches that organisations have reported in the last 12 months are most commonly phishing. Staff are receiving fraudulent emails or being directed to fraudulent websites. This is followed, to a lesser extent, by impersonation where outsiders pretend to be members of the recipient’s organisation in emails or online, and finally viruses or other malware.
Now you can train your staff to be aware of potential phishing email threats at a time when cyber attacks are increasingly on the rise. Security awareness training software is proven to change user's behaviour and it's something we use right here in-house at VeryPC.
You can train your users with an initial online training program featuring interactive modules, videos and games. However, the real strength of this software is being able to phish your own users. You can choose from thousands of "known to work" templates and then you can track if a user opens any attachments, clicks a link or even replies to the phishing email you have sent to them. With enterprise-strength reporting, you'll be able to see the statistics for both the training and testing modules.
Although just over a third of businesses (37%) and just under a third of charities (31%) require employees to use two-factor authentication, it's becoming an everyday necessity.
Two-factor authentication often referred to as 2FA is an additional layer of protection against cyber criminals and phishing attacks. Put simply, two-factor authentication adds an extra layer of security and protection to your online accounts and verifies your identity using a second factor (e.g. your phone or other mobile devices).
Even if someone knows your password, they will be prevented from being able to access your account without having your mobile device (the second factor).
Contact us today to speak with either me or another of our specialists on Cyber Security.
Official Statistics from GOV.UK.