Halloween isn’t the only scary thing about October. This month is Cyber Security Awareness Month too and we wanted to remind you what this means and what we can do to help.
What’s it all about?
Cyber Security Awareness is a campaign to raise awareness of the importance of cyber security. It’s aim is to help individuals and organisations around the world have the resources they need to be safer and more secure online. You’re taking part just by reading this…
Some of the facts
In a recent survey, The National Cyber Security Centre (NCSC) found that 86% of businesses hadn’t conducted any cyber security training or awareness raising sessions in the last 12 months. We don’t want you to panic, but we do want to take a look at some of the facts and figures that surround this topic to give you a good idea of why good cyber security practices are important.
According to a report by IBM ‘Cost of a Data Breach’, in 2021, it took an average of 212 days to detect a breach and 75 days to contain it – this makes an average total of 287 days. To put this into perspective, if a system is breached on 1 January 2021, a business might not find it until end of July ,and it might only finally be contained by mid-October. That’s almost a full year of exposure – can you imagine how much damage a cyber criminal could do in that time?
One of the most popular types of cyber attack is ransomware. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. One of the highest profile cases of this was the Wannacry malware that infected the NHS. This was estimated to have cost the NHS £6m in just 12 hours before this attack was resolved.
What we can offer
We can work with you to evaluate your current provisions to better understand your risk, and find areas which can be improved.
How do we do this?
Firstly there’s the obvious things like anti-virus, good password practices and making sure you’re systems are fully patched. These are things we do as standard for our managed IT clients. A truly robust set of cyber security defences involves much more. Quite often the main area of weakness in a business is the human factor. This is where good policies and education are important.
Security awareness training and phishing simulation are easy ways to reduce this risk. We test your team’s ability to spot nefarious emails by creating our own which we can track. If a user gets tricked, we know that they are vulnerable and even direct them immediately to some appropriate training material. As a business owner or manager, you get a birds-eye view of where your risk is, and options to address it.
Good cyber security is all about layers. The more the better. As well as training and phishing simulation, there are a range of other things we can do – find out more in the dedicated Security section of our website.