“We needed to find solutions to a variety of issues whilst being a complex business, operating in a 24/7 environment. Stripe OLT listened and understood immediately the challenges we faced.”
“We needed to find solutions to a variety of issues whilst being a complex business, operating in a 24/7 environment. Stripe OLT listened and understood immediately the challenges we faced.”
Request a Call-back.
First we need a few details.
Keep up to date with the experts
Get insights direct to your email inbox
Follow us on social
“We needed to find solutions to a variety of issues whilst being a complex business, operating in a 24/7 environment. Stripe OLT listened and understood immediately the challenges we faced.”
Request a Call
First we need a few details.
The report informs government policy on cyber security whilst educating organisations on current threats, and how they can best protect themselves from attacks. This year’s report explores the policies, processes and approaches of modern cyber security, alongside the different cyber attacks and crimes that businesses, charities and educational institutions are facing.
The percentage of businesses and charities that experienced a breach last year dropped to 32% and 24%, from the previous year’s figures of 39% and 30%. A key factor which impacted these figures is a lack of Cyber Security awareness and monitoring from senior managers, an issue which has been prioritised less due to the uncertain economic climate. The majority of cyber-attacks are relatively easy to identify and therefore prevent, accordingly, the government has recommended businesses to create and implement a set of ‘cyber hygiene’ measures. Popular and effective methods of maintaining ‘cyber hygiene’ include malware protection, cloud back-ups, passwords, restricted admin rights and network firewalls are all critical steps to ensure cyber security. However, some methods have seen steady declines over the years, particularly password policies (down 9%), network firewalls (down 12%) and restricting admin rights (down 8%).
The cyber security survey reveals that larger organisations consistently commit to identifying risks within their supply chain, however these security reviews are still scarce overall, with only 3 out of 10 businesses carrying out a cyber security risk assessment last year. Communications from the National Cyber Security Centre around supply chain risks encourage businesses to act with more prioritisation and assess their supply chains, according to qualitative data.
Only 3 in 10 businesses & charities have board members or trustees explicitly responsible for cyber security, showing that a lack of cyber preparedness from boards and corporate governance is prevalent throughout the cyber security survey findings. Qualitative data highlights the challenges which prevent boards from prioritizing cyber security, issues such as a lack of knowledge, training and time (these factors have often been reported often in previous years).
Approximately, half of organisations are seeking external information and guidance on cyber security, consistent with the previous years cyber security findings. However this figure reveals that a large proportion of organisations are not adhering to cyber standards or accreditations, and are therefore unaware of the systems and actions they can take to prevent and defend against cyber attacks. Concerningly, government guidance’s such as 10 Steps to Cyber Security and the Cyber Essentials Standard are widely unknown to a large proportion of businesses.
A large proportion of businesses claim they will carry out set processes after a cyber attack, yet only 21% of businesses and 16% of charities have formal incident response plans. Qualitative data suggests that this issue could be tackled through better communications between the IT/Cyber teams and the wider organisation, regarding cyber security awareness and incident response. Educating wider teams and providing post incident reviews can amend the disconnect between these teams, improve cyber hygiene and increase wider engagement in cyber security.
The DSIT estimates that around 2.39 million instances of cybercrime were committed in the last 12 months, and 49,000 instances of fraud as a result of said cybercrime took place in the last 12 months. It is reported that around 785,000 cybercrimes were committed against charities in this same period, however the DSIT highlights that these estimates of scale will have a relatively wide margin of error due to the sample size.
The cyber security survey presents evidence of underreporting across the board, with a total of 11% of businesses experiencing cybercrime in the last 12 months, rising to 37% for large businesses and 25% for high-income charities, another way of looking at these statistics is that around a third of businesses/charities who identified cyber security breaches or attacks, led to becoming a victim of cybercrime.
It’s important to note that the economic climate during this cyber security survey has resulted in businesses facing financial uncertainty and rising inflation & energy costs. With this in mind, cyber security may not have been prioritised as highly, during qualitative interviews there were multiple businesses citing ‘wider issues’ as the main reason cyber hygiene measure were reduced.
The report emphasises that micro and small businesses have shown a lack of prioritisation of cyber security, a reduction in cyber hygiene measure and a lack of identification of cyber security breaches, more so than medium and large businesses.
The shift to widespread hybrid working, combined with a decline in restricted-access business owned devices have contributed largely to a common challenge of an organisation, identifying and managing cyber breaches/attacks. This factor has therefore impacted businesses ability to accurately report the number of cyber incidents they experienced over the last 12 months.
This report ultimately finds that it is essential for SMEs to have reliable and comprehensive IT and security support that can help them navigate and mitigate modern security risks.
At Stripe OLT, we’ve made it our mission to provide security-first IT services, underpinned by cutting-edge Microsoft cloud and security technologies.
Want to know more about how our zero-trust approach to Managed IT can help protect your organisation? Get in touch today.
