The National Crime Agency has just published its Cyber Crime Assessment 2016, a summary of cyber threats affecting UK businesses in 2015. According to the Office for National Statistics, around 2.46 million cyber incidents affected businesses of all kinds last year, making around 2.11 million UK victims.
The report highlights emerging trends that characterise the fast-evolving cyber crime environment:
- Groups of international cyber criminals are getting more skilled and sophisticated: they have industrialised criminal activity, acting in a large-scale and business-like manner;
- These groups are believed to be behind the sophisticated financial Trojan malware that was a major source of financial crime in the UK last year;
- The accessibility of easy-to-use hacking tools has increased the number of technically competent ‘lone-wolf’ cyber criminals;
- New level of ransomware attacks: ransomware attacks now include threats to publish private data online as well as threatening the permanent encryption of data.
- Many corporate cyber security tools and basic procedures are now insufficient to stop this technologically advanced and more sophisticated level of cyber crime.
Call for raising cyber crime protection
As the report says, perfect security is almost impossible. Nonetheless, risk mitigation is possible. With the adoption of the right combination of tools, procedures and processes, companies can dramatically reduce the risk of cyber attacks. Take the Cyber Essentials scheme: it sets a baseline for cyber security based on five security controls – secure configuration, boundary firewalls and Internet gateways, access control and administrative privilege management, patch management, and malware protection – that could prevent around 80% of cyber threats.
Cyber Essentials certification is within easy reach for everyone
Don’t worry if you don’t employ skilled professionals, or if you have a tight budget: IT Governance has developed different solutions to help you become Cyber Essentials certified whatever your resources and requirements:
- I don’t need any help – The Do It Yourself solution includes the certification service only.
- I need resources and some guidance getting started with the process – The Get A Little Help solution provides you with documentation templates and online help.
- I need expert advice – The Get A Lot Of Help solution includes a full-day on-site consultancy service with an expert cyber security practitioner.
They are available for Cyber Essentials Plus, too.