Cyber threats have become increasingly frequent and sophisticated in recent years, and businesses of all sizes and industries are vulnerable to these attacks. In fact, gov.uk recently reported that 39% of UK businesses have experienced a cyber attack in 2022 and of these businesses, 31% estimate they were attacked at least once a week. In 2023, it is more crucial than ever to protect your business from cyber attacks like these in order to safeguard your operations, reputation, and financial health.
David Gristwood is a Learning Lead for Access Learning course content. He specialises in course design for Cyber security training.
In this blog he covers 4 areas you should run through to make sure you’ve got your business’ cyber resilience covered:
-
- Cyber attack response planning
- Staff knowledge to protect your business from cyber attacks
- Cyber Security Policies
- Supply chain weaknesses
For further support you can also access our free guide – Making Your Workforce Cyber Resilient
Estimated read time: 4 minutes
David Gristwood is a Learning Lead for Access Learning course content. He specialises in course design for Cyber security training.
In this blog he covers:
-
- The latest Cyber Crime statistics
- What is a cyber attack?
- What is phishing, and how to prevent phishing attacks
- What is malware, and how to prevent malware attacks
- What is whaling, and how to prevent whaling attacks
- Free guide, ‘How to make your workforce cyber resilient’
Average read time: 4 minutes
Back in 2018, The Telegraph reported that cyber-attacks were one of the biggest threats to face schools. Since then, the use of digital systems has rapidly accelerated across the education sector - making data security a top priority.
One of the first things I would say is that school leaders need to accept the extent of the challenge. Cyber criminals are becoming increasingly sophisticated and a robust cyber security strategy must involve the whole school team.
- Topic:
- Education
A recent survey found that HR was one of the primary industry sectors targeted by cyber-attacks.
The survey found that 60% of the reported data breaches in organisations were a result of successful cyber-attacks through HR functions, with some organisations reporting more than one data breach.
We look at the reasons why HR is often a target for cyber criminals and the key ways that HR professionals can put in place measures to help prevent cyber-attacks in their organisations.
- Topic:
- Human Resources
Even before Coronavirus flipped most working models on their head - from office-based to home-based/remote - for the majority of knowledge workers at least, there has been an increasing trend for work-from-home (WFH) and work-from-anywhere (WFA) offerings as employers look to increase their appeal to the global talent pool.
As things begin to return to ‘normal’ across the globe, an enormous appetite for at least some flexibility on how much time employees spend working from the office every week remains.
Though on a small-scale basis this may not have provided too much of an issue, en masse it can become a big compliance headache if not managed effectively.
So just what are these compliance challenges, and what can L&D do to ensure that not only are remote workers kept safe, but that the business complies with relevant regulations too?
Once upon a crime…
Here’s a quick story. My eldest son is a pretty typical 17-year-old. He has his own bank account, with a card, and loves finding great deals online, mostly via the family’s tablet. Recently, an advert for a well-known retailer grabbed his attention. It was selling a favoured brand of trainers at an incredible price. He clicked on the link, was taken to a site he recognised, registered the usual information – including bank details – and placed an order. The trainers should have arrived within two days, but a week later nothing had appeared. It was around then that I noticed a ‘Thank You’ pop-up related to the order, which also promised more great deals on the website. It looked suspicious so I closed it down, asked my son about it and heard about the deal. I then checked the website of the retailer directly, only to find there was no such offer. We contacted the bank, cancelled the card, performed an antivirus scan on the device and changed the passwords for all its apps and accounts. Suffice to say, the trainers never arrived. We’d been defrauded.
The reason for recounting this tale is a belief that personal stories can play a really valuable role within training, giving people the confidence to talk about and share experiences with colleagues and managers – and that matters, because now more than ever employees have a vital role to play in businesses’ resilience against the ever-growing threat of cyber-attacks and data breaches.
After almost a year of remote working, Brian Rogers FCMI, Regulatory Director at Access Legal, explains the rationale behind increased spending on cyber-security among law firms.
When the UK first locked down almost a year ago, even law firms with a deeply rooted culture of presenteeism had no choice but to adapt quickly to remote working. Concerns that people might be less productive or ‘available’ at home were overshadowed by the unfolding events.
No matter how well-equipped they were, firms didn’t only have to maintain continuity of service to clients but also manage cyber-risk in this highly regulated environment.
Staff-owned devices, which hadn’t undergone the usual IT checks, created vulnerabilities for some law firms, especially if they were running unsupported systems like Windows 7. Poor communication and lack of supervision could have been another issue, leading people to install unauthorised applications or find a workaround rather than asking for help.
The past year has been an opportunity for firms to take stock of their security practices and the steps they can take to limit the chances of a damaging cyber-attack and data protection breach.
According to one study,[1] more than half of firms are increasing their technology spend because of the pandemic and it’s worth noting where this is being channeled. As many as 77% say their priority is ‘remote working and agile teams’ and just under half said cyber-security. The survey also revealed a clear appetite for process automation, business intelligence and client collaboration.
This is clearly good news and could be a major change of direction for the industry. Technology empowers workforces to be more efficient, productive and compliant, whether they’re at home or in the office. It promotes greater collaboration and transparency, improving workflows rather than creating barriers. Had it not been for the pandemic, widespread remote working might have remained a distant possibility for years. Now it is a reality, what steps can firms take to make it a viable long-term option?
- Topic:
- Legal
The scale and impact of cybercrime continues to increase. Our new ‘home working’ environment during the Covid-19 pandemic has shone a bright light on the importance of secure behaviours and the role we all have to protect our oprganisations reputation from cyber-attack or data breach. Systems are more open to attack because of our human error, so it is critical that firms ensure they have the training, policies, controls and procedures in place to mitigate the risks of being targeted.
- Topic:
- Legal
UK Finance, the trade body for the banking and finance industry in the UK, warned last year about the top 10 cyber fraud scams used during the Covid-19 crisis to trick people and organisations out of hard-won cash and company revenues. Many of these scams still apply in the current climate. They are as follows:
The professional reputation of any law firm plays a critical role in their continued success. A strong reputation attracts people, clients and long-term relationships. But reputations can be fragile. As Warren Buffett said: “It takes 20 years to build a reputation and 5 minutes to ruin it.” With law firms handling the most sensitive, and therefore often most valuable, data and information on behalf of clients they continue to be one of the biggest targets for cyber criminals.
Some of the most recent embarrassing and high profile attacks have involved law firms. The UK’s National Cyber Security Centre reported late in 2019 that there had been a significant 42% increase in reported incidents in law firms over the last 5 years. But what can be done?
- Topic:
- Legal
