Recent research by leading technology services provider Probrand, is revealing the top industries that have been impacted by Cyber Crime over the past year.
Analysing GOV.UK, the Birmingham-based technology services provider has also provided tips on how businesses can properly protect themselves against these cyber threats in its recent Ultimate Guide to Cyber Security report.
Cyber security has become a growing concern for businesses across the country, with GOV.UK revealing half of UK businesses in the winter of 2023/24 reported some form of cyber security attack in the past 12 months, while searches for ‘Cyber Security attacks’ increased by 250% over the past year according to Google Trends data.
When analysing Statista data, it revealed the finance industry was most impacted by basic web application attacks with 184 incidents reported over the past two years. Closely followed by the Information Industry (144 incidents) and Professional Industries (127 incidents).
Other industries impacted included Public Administration (106 incidents), Manufacturing (77 incidents) and Healthcare (64 incidents).
Despite this, in Probrand’s latest report, it revealed nearly half of UK employers (48%) don’t currently offer any form of cybersecurity awareness training for employees, while 69% still use weak passwords to access important documents.
Discussing these results in more detail, Matt Royle, Marketing Director at Probrand said, “It is not unexpected to see the increase in businesses being targeted and impacted by cyber risks.
“However, it is concerning to discover only half of UK businesses offer any form of cyber security awareness training for employees. This is of vital importance if we are to improve one of the weakest links in our cyber defences, people. It’s important for employers to offer the right training and testing to employees, so they can spot issues early, report them and help protect the business from the financial impact of a cyber attack.
“Looking at the last 12 months of gov.uk trend data, we can see there has been approximately 924,000 cyber crimes committed. The most targeted industries include Finance, Information and Professional services, with charities also being targeted consistently. These industries are being targeted for many reasons, including their mission critical data, financial resources and Intellectual Property.
“It is worth noting that cyber criminals are already moving to target the latest technology advances in Multi-Factor Authentication. As technology and cyber crime develops, so does the evolution of tactics to capitalise on human error.
“These include social engineering, phishing and ransomware attacks, in particular, using sophisticated approaches often powered by Ai tools. “Given these trends, it’s essential for businesses of all sizes within these high-risk sectors to take proactive steps in strengthening their cyber defences. This involves not only technological upgrades but also a strong emphasis on cybersecurity training and awareness at every level of the organisation.”
As a result of this, Probrand has provided some simple and easy first steps to help businesses protect themselves from a digital attack:
-
Go ‘passwordless’
The new direction in the industry is ‘passwordless’ authentication in conjunction with Single Sign On (SSO). It has become clear that if users are forced to remember new passwords often, it results in them using easier to remember (but likely weaker) passwords. They will simply reuse existing passwords or just make slight adjustments, thus not really resulting in a truly ‘changed’ password at all!
‘Passwordless’ solutions like passkeys, physical tokens (e.g. Yubikey), and biometrics are increasingly seen as more secure, by removing the burden of having to remember complex passwords or passphrases. Thus, ease of use is improved for the user, but maintains, or even increases, the barrier for cyber criminals. Modern approaches are standards-based, and phishing-resistant, plus fully supported by modern identity management solutions.
-
Replace your old firewall
If your firewall is over three years old then it’s time to replace it – out of date technology does not defend against increasingly complex and evolving modern day threats. Firewalls provide protection against outside cyber attackers by shielding computers and networks from malicious or unnecessary traffic.
Firewalls can also prevent malicious software from accessing a computer or network via the internet. Be sure it is configured by experts to turn on features to block certain types of traffic or applications whilst letting necessary data through.
-
Enable Multi-Factor Authorisation
Enabling MFA is increasingly required for secure access and cyber insurance policies. Not having MFA enabled poses a significant risk, as it allows unauthorised access with compromised credentials, making accounts vulnerable to cyber threats and security breaches. So, make sure this is done across multiple platforms, especially the increasingly sensitive or important ones. This is normally also free to do, so a quick and easy step to protecting your business.
-
Develop strong policies for employees
Ensuring strong policies are in place for cyber security is essential in keeping your business protected from threats. On top of this, it is also crucial to have an incident response plan, this can be established so employees can understand what needs to be done in the event of a cyber attack.
-
Training
Neglecting employee cyber awareness training exposes an organisation to heightened risks. Staff may inadvertently fall prey to phishing attacks, lack awareness of cybersecurity protocols, and become potential vectors for cyber threats. Investing in training is crucial to fortify the human layer of defence and mitigate security vulnerabilities.
So, it’s important staff are knowledgeable on the risks and impact of these attacks and training is the key to this. Try using simulated phishing exercises to test and educate employees on recognising and avoiding phishing attempts, this is a great way to test if the training is working. Promote a reporting culture, so encourage a culture of reporting suspicious activities and mistakes, fostering a proactive stance against potential cyber threats.
Most Targeted Industries By Basic Web Application Cyber Incidents:
- Finance – 184
- Information – 144
- Professional – 127
- Public Administration – 106
- Manufacturing – 77
- Healthcare – 64
Leave a Comment