Cyber-security
Overview
Cyber attacks and data breaches cost organisations billions of pounds every year, and as the world becomes more digitally led that figure is likely to increase. Incidents are increasing globally and are unpredictable, sometimes going undetected for months or years.
Cyber threats do not just take the form of malicious software ('malware') that attempts to breach firewalls, but can also be unsolicited email containing links to legitimate websites which launch a program allowing unauthorised access to all your systems and databases.
There are many different types of cyber attacks, including social engineering and phishing. Simialrly, the people and organisations that carry out the attacks have a variety of motivations in doing so, including monetary gain and the promotion of political ideas.
How can I protect myself?
Most of us rely on the internet on a daily basis. We're all becoming more dependent on it for our needs, whether it's to manage our finances, communicate with friends and family, or for online shopping.
The government provides advice on how to:
- Protect your device
- Protect your data
- Protect your business
...on the Cyberaware website. It has helpful password security advice and software update guidance. These are quick and simple steps that will make your devices (laptops, tablets, mobiles, PCs) much better protected against the vast majority of cyber attacks. Additional mobile phone guidance is also available.
Check online to see if you've been the victim of a data breach.
How can I protect my business?
The impact of a cyber attack can be huge for a business. It's not just the time spent fixing your website or systems, but the potential loss of customers and damage to your reputation. There are many potential consequences of a hacker getting access to your data.
Cyber Essentials is a simple and effective government-backed scheme that will help you protect your organisation against a range of the most common cyber attacks. Certification will reassure current and potential customers that you take cyber security seriously. You'll also be listed in a directory of certified organisations.
The National Cyber Security Centre has published guidance for small businesses. The guide provides five quick and easy steps to protect your business and to reduce the chance of your business falling victim to cyber crime:
- Backing up your data
- Protecting your organisation from malware
- Keeping your smartphones and tablets safe
- Using passwords to protect your data
- Avoiding phishing attacks
Larger businesses, or those facing a greater risk from cyber crime, should read the Ten Steps to Security guidance.
Report cyber crime
ActionFraud is the UK's national fraud and cyber crime reporting centre. The easiest way to report fraud and cyber crime is to use their online reporting tool. You can also call their helpdesk Monday to Friday, 8am to 8pm on 0300 123 2040.
You can sign up for free to receive direct, verified accurate information about scams and fraud in your area by email, recorded voice and text message.
24/7 reporting for businesses
If you're a business, charity or other organisation currently experiencing a live cyber attack (an attack that's in progress) call Action Fraud on 0300 123 2040 to speak to a specialist adviser.
You should also report cyber crime to your local police and advise them that you've also reported it through Action Fraud. This is worthwhile as a bank's investigation will require a criminal reference number (CRN) to prove you've been a victim.
Additional resources
The Metropolitan Police's FALCON (Fraud and Linked Crime Online) service has produced the Little Book of Cyber Crimes, specifically designed to offer advice to small and medium-sized enterprises (SMEs) on staying safe in the cyber world.
The Centre for the Protection of National Infrastructure (CPNI) is the government authority for protective security advice to the UK national infrastructure. Their role is to protect national security by helping to reduce the vulnerability of the national infrastructure to terrorism and other threats. They have developed a series of security awareness campaigns designed to provide organisations with a complete range of the materials they need.
The National Cyber Security Centre (NCSC) is part of GCHQ and provides a single point of contact for SMEs, larger organisations and government agencies and departments. It was set up to help protect critical services from cyber attacks, manage major incidents, and improve the underlying security of the UK internet through technological improvement and advice to citizens and organisations.