Businesses are being urged to ensure their cyber security is up to scratch after latest figures revealed that 39 per cent of firms reported breaches or attacks in the past 12 months. Government figures released this week revealed that cyber attacks continue to pose a serious threat to all types of UK businesses, with one in five of the businesses affected reporting a sophisticated attack such as denial of service, malware or ransomware attack.
Stephen Whelan, Technical Director at technology business Integrity IT Solutions, which operates across the North of England and south-west Scotland, said it was essential that businesses took steps to protect themselves against cyber crime. He said: “Every business, no matter how large or small, should have in place measures to prevent online criminals accessing their information and potentially damaging their business.
“Cyber criminals often see the human factor as the weakest link in any security measure, so it’s vital that every member of your team who has access to the internet or an email account receives cyber security training and understands the serious damage that these sorts of attacks can cause.” The Cyber Security Breaches Survey 2022 found that the average estimated cost of cyber attacks to businesses in the last 12 months was £4,200, with phishing attempts, where criminals use scam emails, text messages or phone calls to trick victims, the most common form of security cyber breach, accounting for 83 per cent.
“Online criminals create phishing emails which look realistic, such as fake invoices or receipts, to make it more likely that someone will click on them,” Stephen said.
“It’s important that your team understands how to identify a phishing email, and reports anything suspicious to their line manager. It’s the responsibility of everyone in the organisation to be vigilant.”
As well as phishing attempts to steal money and passwords, businesses can also be targeted by ransomware attacks where files are encrypted to prevent access. Stephen said businesses that fall victim to such attacks were at risk of suffering reputational damage, as well as operational downtime and cost of repairing systems.
He said businesses can improve cyber security by using strong passwords made up of three random words and regularly vetting who has access to their systems.
Weak passwords can be hacked in seconds, so choose longer and more unusual passwords and use different passwords for different accounts,” he said. “It’s good practice to use a password manager to store and create strong, unique passwords.
“Two-Factor Authentication (2FA) reduces the risk of being hacked by asking you to provide a second factor of information, such as getting a text or code when you log in. It’s a practice commonly used by credit card companies and one which can be easily enabled on software such as Microsoft 365.”
Stephen also advises businesses to regularly remove access which is no longer required, ensure that users’ desktops, laptops and mobile devices are all patched, and that defences such as firewalls and anti-virus software are up-to-date and working. He said businesses should have a plan in place to identify critical data and key systems in case the worst happens and a cyber security breach occurs.
Integrity IT Solutions, which is based in Carlisle, Cumbria, and Annan in Dumfries and Galloway, offers full cyber health checks for businesses. The IT firm designs, supplies, supports and installs systems to suit all types and sizes of businesses, offering a range of solutions including IT support, cloud migration projects, server hardware, WiFi installation and hosted telephony services.