top of page

Cyber Incidents (Cyber Crime, IT Failure), Data Breaches

According to the UK Cyber Security Breaches Survey 2022, almost 32% of businesses were subjected to some form of cyber-attack in the past 12 months. The report highlights only ‘known’ incidents and the percentage is widely regarded as being under-stated. These are not one-off incidents. Of the organisations reporting attacks, almost one-third said they occurred at least once a week.

Many organisations rely upon information systems to carry out business or nationally critical functions and employ digital technologies to manage safety, security and engineering systems. As a result, businesses can become vulnerable to threats that undermine their confidentiality, integrity or accessibility. The consequences of such incidents can be significant to organisations, leading to loss of reputation, damage to assets, regulatory fines or result in physical injury.​​

Cyber Risk Assessment

In order to understand the cyber risk to your business, you should conduct a Cyber Risk Assessment. This will help to ensure that your approach to cyber security is proportionate. It is important to recognise that the risk assessment is a continuous, on-going process which you will need to revisit as your business changes and/or threats evolve.

Assessment of the risk, essentially involves identifying:

  • The nature and extent of digital technologies and systems which are business critical.

  • Who or what might pose a risk of attack?

  • How they may be vulnerable.

​​​​​​​​​​​​​​

This information will allow you to focus on the cyber security needs.

 

Cyber Security

Cyber security involves the application of technologies, processes and controls to protect systems, networks, programs, devices and data from cyber-attacks. It aims to reduce the risk of cyber-attacks and protect against the unauthorised exploitation of systems, networks and technologies.

Key security measures for SME businesses should include:

  • Backing-up of important data

  • Protection against malware

  • Keeping smartphones and tablets safe

  • Using passwords to protect data

  • Avoid phishing attacks

​​​​​​​​​​​​​​​​​​

Cyber security can be further enhanced by seeking certification under the Cyber Essentials scheme, which has the benefit of demonstrating to your clients (or prospective clients) that you take the protection of their data seriously, details of which can be found at  www.ncsc.gov.uk/cyberessentials/overview

 

Sources of Reference

For detailed guidance, reference should be made to the Cyber Security Small Business Guide published by the National Cyber Security Centre (NCSC) available at  www.ncsc.gov.uk/collection/small-business-guide/protecting-your-organisation-malware.  Further information on a full range of cyber security matters can be obtained from visiting the home page of the NCSC at www.ncsc.gov.uk/section/advice-guidance/all-topics .

bottom of page