British SMEs Are Suffering A Surge In Cyber Attacks

Uploaded on 2020-09-02 in GOVERNMENT-National, FREE TO VIEW

In the UK there are 65,000 cyber security attacks on SMEs every day and around 4,500 of these are successful and this has increased since the beginning of Covid.

The findings come from a new report by global recruiter Robert Walters and data provider Vacancysoft called Cybersecurity: Building Business Resilience, which claims that the cost of data breaches to UK companies is around £2.48 million per instance.

Online Risk

Half of consumers (44%) have stated that they would stop using a company online if they were to be breached during a cyber-attack, concerning news for many retail and service operators who have pivoted their business to be more online in response to widespread lockdown measures. In May 2020 alone, ecommerce transactions grew by 168% and currently represent 27.5% of total retail sales this year, this is expected to grow to represent a third (32.1%) of all retail sales by 2024.

Darius Goodarzi, Principal - Information Security and IT Risk at Robert Walters, said: “Cyber-attacks rose to an all-time high in the last few years causing a great deal of media attention...“As the general public became increasingly aware of personal data and privacy issues, including the introduction of GDPR, cyber security increasingly became a ‘differentiator’ for brands in a market where customers demand more transparency." 

In fact, it appears the industry has started to wake up to its responsibility, with cyber security job vacancies within the Consumer Goods & Services sector increasing by 17% in the last year.

Remote Working

Lockdown measures have changed businesses working practices overnight. Where just 11% of UK businesses stated their entire workforce (at the same time) were able to work remotely pre-lockdown, this sky-rocketed to 70% once lockdown hit, with the majority of white-collar firms being able to push the button on remote working in less than a week.

Of the 70% who were able to do this under 7 days, over half (53%) of these firms in the UK were able to transition their staff to remote working in less than 48 hours. Despite having little notice, 71% of staff described the relocation to home working as seamless. However, little consideration by the government was given to the vulnerability of IT & Cloud security when businesses were told they must enforce remote working. In fact, half of companies (48%) admitted that they do not have adequate cyber security provision to maintain a 100% remote working model.

Whilst industries have vowed to step up their security game, it is predicted that the current £68bn spend on cybersecurity will need to be doubled, at the very least, to be up to scratch with new ways of working. 

In a period of rapid, non-legislated change, the question remains about where accountability lies regarding data breaches.
Nathan Tittensor, Director at i3Secure,  a UK-based Cyber Security and Data Protection consultancy, said: “After e-commerce, the next industry which we suspect will be looking at their security posture is the legal sector, in particular law firms. “Whilst the legal sector deals with high volumes of confidential information, they have never been mandated to have certifications around security.”

Banks Security

Due to a robust level of regulation placed on the banking and financial sector, the industry maintains its top position for IT security excellence. Cyber security hires in recent years have been driven largely by the need to facilitate secure open banking and stave off automated fraud and threat detection.

Ajay Hayre the Senior Consultant Technology at Robert Walters, said: “For the more mature financial institutions who have sufficient IT-security talent onboard it is not surprising to see the resilience the sector has had against Covid-19 related cyber threats, warranting a freeze in hiring. However, this has truly been the year for fintechs, who have increasingly been stepping into the space of traditional banks, playing an active role in the government bailout scheme, as well as obtaining licences to be able to deliver traditional banking services such as direct debits and overdrafts.”

Hayre concludes: “The urgent need for this sector to protect data in transit or in the cloud has led to a surge in cyber security hires of 37% since 2018. If fintechs follow the gold standard of their elder, more experienced siblings, traditional banks and financial service institutions, then their security protocols will not be of concern.”

The National Cyber Security Centre recommend a five step approach: 

1 – Backing up your data,

2 – Keeping smartphones safe,

3 – Using sensible password protection,

4- Avoiding phishing emails.

To reduce the negative effects of cyber hacking one very important part is to ensure your staff and management have effective cyber security training and here at Cyber Security Intelligence we recommend GoCyber for a free test trial please contact us.

NCSC:        UK Tech News:     Robert Walters:       Tele Media Online:     

You Might Also Read:

Seven Cyber Security Questions Businesses Need To Ask Themselves:

 

« The Canadian Government Comes Under Attack
Estonia’s Crucial Role In Tackling Growing Cyber Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Deep Identity

Deep Identity

Deep Identity is a boutique system integrator, with expertise in tailored identity governance & administration (IGA) and identity access management (IAM) solutions.

Computing Technology Industry Association (CompTIA)

Computing Technology Industry Association (CompTIA)

CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy.

Center for Applied Cybersecurity Research (CACR) - University of Indiana

Center for Applied Cybersecurity Research (CACR) - University of Indiana

CACR serves Indiana and the nation by tackling cyber risk in research and other unusual environments through agile, holistic, principle-based cybersecurity.

Secure IT Disposals

Secure IT Disposals

Secure IT Disposals specialise in professional Computer Recycling, Computer Disposals, Computer Destruction, Data Erasure and end-of-lifecycle solutions.

Security Innovation Network (SINET)

Security Innovation Network (SINET)

SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration.

SAP National Security Services (NS2)

SAP National Security Services (NS2)

SAP NS2 are dedicated to delivering the best of SAP innovation, from cloud to predictive analytics; machine learning to data fusion.

Wavex Technology

Wavex Technology

Wavex Technology is an award winning IT Services firm offering clients a secure and fully managed IT service.

FYEO

FYEO

FYEO is a threat monitoring and identity access management platform for consumers, enterprises and SMBs.

E2E Technologies

E2E Technologies

E2E Technologies are a proactive, SLA-beating, managed service provider that busts the common stereotypes surrounding IT.

IN4 Group

IN4 Group

IN4 Group is a skills, innovation and start-up services provider that specialises in supporting businesses with the training, communities, networks and advice they need to scale.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

Custom Computer Specialist (CCS)

Custom Computer Specialist (CCS)

CCS offers an extensive range of services including cybersecurity solutions, consulting, implementation, and support to help our clients maximize the value derived from IT investments.

Seal Security

Seal Security

Seal Security revolutionizes software supply chain security operations, empowering organizations to automate and scale their open source vulnerability remediation and patch management.

Hartman Executive Advisors

Hartman Executive Advisors

Hartman Executive Advisors is an unbiased IT and cyber advisory firm uniquely designed to help mid-market executives maximize their IT investments.

Health Sector Cybersecurity Coordination Center (HC3)

Health Sector Cybersecurity Coordination Center (HC3)

HC3 was created by the US Department of Health and Human Services to aid in the protection of vital, controlled, healthcare-related information.

Permiso Security

Permiso Security

Permiso combines industry leading Identity Security Posture Management with Identity Threat Detection and Response, leaving no place to hide for identity threats lurking in your environment.