In April 2019, the National Cyber Security Centre published their first ‘UK Cyber Survey’.
Independently carried out on behalf of the NCSC, a part of GCHQ, and the Department for Digital, Media and Sport (DCMS), the results will be of interest to businesses of all sizes and sectors.
Key statistics and findings from the survey:
Most common cyber threats
Among those businesses the NCSC reported as facing breaches or attacks, the most common types are:
It’s also important to remember that cyber threats don’t just come from external sources but can come from inside your business, or through businesses you work with.
So, how can businesses prevent cyber breaches and attacks?
The NSCS survey recommends greater board-level involvement in cyber-security, monitoring suppliers and planning incident response.
Prioritising cyber security was found to not always match increased engagement and action, with:
1. Always require employees to verify their identity when logging into services using multi-factor authentication. For example, after someone logs into their mobile device (i.e. a laptop), have an automated pop up that requires re-verification by re-adding their system password. Once done this authentication system sends a verification code to that person’s mobile number that needs adding to the system before further access is granted.
2. Conduct regular vulnerability scans, ensuring that critical results are actioned. Those scans check computers, networks or applications for any kind of known weaknesses.
3. Only work with businesses that can demonstrate they use the same security precautions as you do (e.g. those that have an ISO 27001 certification).
4. Keep software, drivers and operating systems up-to-date.
5. Use password managers to discourage insecure passwords and password re-use.
6. Make sure critical security patches are installed as soon as possible. A patch updates, fixes or improves a computer programme or its supporting data, including fixing security vulnerabilities and other bugs, whilst improving the performance or usability.
7. Use an always-on antivirus program.
8. Use a whitelist for your programs to prevent unrecognised programs from running.
9. Set the lowest level of access by default for all devices and services.
10. Use firewalls and make sure to separate your networks.
How can Citation help me?
If you’re a Citation client and you want to discuss cyber security within your business, you can always call our 24-hour Health & Safety advice line on 0345 844 4848.
Not a Citation client yet? Give our team a call on 0345 844 1111 to chat through your business needs.
GET A FREE CONSULTATION