Business leaders must be fully prepared in the increasingly complicated fight against breaches of data, hacking and phishing scams. Figures published by the government in 2017 revealed that almost half of all UK firms were hit by a cyber breach or attack in the previous year.
The number of attacks is rising each year, and it has been estimated that online fraud and cybercrime cost the UK over £11bn in 2016. All of which explains why the issue of cyber security is no longer just a priority for the IT department, but also for the boardroom…
The IoD Open House event in March will, amongst other topics, shed light on the often confusing world of online security and data protection, with a number of speakers, sessions, and panel discussions. Until then though, here are seven shocking cyber security facts to bear in mind when considering your business presence online:
1. The UK’s 5.4 million small businesses are collectively attacked more than seven million times a year
This costs the UK economy a staggering £5.26bn, according to a survey carried out by the Federation of Small Businesses. Although 93 per cent of small businesses have some kind of cyber security in place, around 66 per cent have been a victim of cyber crime in the last two years. During that period, those affected have been victims on four occasions on average.
2. One of the biggest threats to data safety can come from BYOD – “bring your own device”
In many cases when staff bring personal devices such as laptops, tablets and smartphones into work, they are not protected by the company’s security network, which presents an opportunity for hackers to directly access company data through these devices. Be particularly vigilant in the period after Christmas when new devices are being used for the first time.
3. ‘Whaling’ has become a boom industry
In 2016, Austrian aerospace parts maker FACC was swindled out of a colossal €42m (£37m) by hackers using a phishing scam known as ‘whaling’. This scam targets a company’s CEO or finance officer – aka the ‘one big fish’ – by tricking them into rushing through a large payment for a fake acquisition. According to a report by the Federal Bureau of Investigation (FBI) in June last year, identified losses from this type of scam came to £3.1bn (£2.4bn) and had risen by 1,300 per cent in 18 months.
4. Over 43 per cent of IoD members don’t know where their company’s data is physically stored
The IoD conducted a Policy Voice Survey in 2016 focusing specifically on cyber security, investigating how fast the pace of technology is changing our members’ attitudes and views on cyber security. The fact that so many respondents didn’t know where their data is stored is a truly frightening statistic. It effectively means businesses are losing control of their organisation’s data, which may well be the biggest asset of a business.
5. 72 per cent of respondents to the IoD’s Policy Voice survey have received a bogus invoice
This shows the extent of social engineering and how the internet can be used to defraud businesses. Along with false house purchase completion requests for solicitors, this is truly alarming, and is why human interaction with technology needs to be failsafe, and why cyber is becoming a largely human problem.
6. Cybercrime accounted for almost 30 per cent of all crimes recorded in the UK from July 2016 to July 2017
Figures issued by Office for National Statistics revealed an alarming fact about the extent of online crime in this country. There were also 2.5 million incidents of bank and credit card fraud. It should also be noted that these are only cases reported to the authorities; the real figure is undoubtedly and significantly higher.
7. On average, it takes 120 days for a business to know that its data has been compromised
According to a UK government report published in 2016, 25 of the large firms who detected a cyber security breach or attack in the past year experienced a breach at least once per month.