New report reveals businesses still wide open to cyber attack – warns Connectus CEO.

New report reveals businesses still wide open to cyber attack – warns Connectus CEO.
Warning over increasing risk of cyber attack, and the steps firms need to take in 2023 to combat them.

BUSINESSES and charities are still leaving themselves dangerously wide open to cyber attacks and should be doing much more to protect themselves in 2023.

That’s the verdict of one of the region’s leading experts who was speaking in the wake of a new report on the issue.

The Cyber Security Longitudinal Survey aims to better understand the cyber security policies and processes within medium and large businesses and high-income charities, and to explore the links over time between these policies and processes and the likelihood and impact of a cyber incident.

Among the key conclusions it discovered was that in the last twelve months approximately six in ten businesses (58%) and charities (62%) have delivered cyber security training or awareness raising sessions specifically for staff and/or volunteers who are not directly involved in cyber security.

The majority of both businesses and charities took steps to improve their cyber defences and, over the past twelve months, almost nine in ten businesses (85%) and charities (86%) have taken at least one action to expand or improve an aspect of their cyber security.

However fewer than three in ten businesses (26%) or charities (28%) have formally addressed the potential cyber security risks associated with their suppliers/ partners.

Commenting on the findings, Roy Shelton,  CEO of the Yorkshire-based Connectus Group, said: “This report throws up some really alarming details about the gaps many businesses still have in their armoury when it comes to cyber attacks. Since the pandemic the risk and has grown and the danger of falling victim to a cyber attack has never been higher.

“The fact nearly half of businesses polled have not delivered training underlines the neglect some are paying with regards to this issue. It’s  also concerning to see so many businesses properly engaging with their suppliers to make sure they are up to date with cyber security measures. This report illustrates the opportunity that exists for the Connectus Group to continue help providing our services to business support which will, in turn, help safeguard them from attacks in 2023.”

Last year businesses wwere watned that ransomware attacks present “the most immediate danger” to the UK. The head of the National Cyber Security Centre (NCSC) also said cyber attacks linked to the Covid-19 pandemic were likely to be prevalent for many years to come.

Lindy Cameron warned that cybercriminals and other malicious actors continue to see ransomware as an “attractive route” as long as firms do not adequately protect themselves or agree to pay the ransom when attacked – something the NCSC has encouraged companies not to do.

Ms Cameron was speaking at Chatham House’s Cyber 2021 Conference and marking her first year in the post of chief executive at the NCSC, warning that businesses need to do more to protect themselves.

Ransomware is a form of cyber attack which locks files and data on a user’s computer and demands payment in order for them to be released back to the owner and has been used as part of a number of high-profile cyber attacks in recent years, including the 2017 attack on the NHS.

“Ransomware presents the most immediate danger to UK businesses and most other organisations,” she said.