In a week when cyber criminals hacked and stole 6,800,000 records from an un-named Indian healthcare business, which they're apparently busy selling online, it makes more sense than ever to make sure your business is cyber-secure.
Here's some news to make your hair stand on end. It looks like human error remains the biggest culprit in the world of cyber threats, and that's good because human error can be fixed with good training.
Welcome to our human error special!
Your biggest cyber-risk? It's still 'human nature'
As an article on the SSL Store website makes clear, people remain the biggest cyber-threat of all, whether it's your own employees, suppliers, vendors or anyone else with access to your systems and networks.
It might be down to ignorance, a pure mistake, a second's forgetfulness, but breaches can also be malicious. Whatever the reason, whoever's responsible, data gets stolen, customer data is compromised, and your company’s reputation potentially takes a major hit.
Your first step to good cyber security is all about people. Make sure they know how to avoid problems and they'll do a lot of the hard work for you, simply because they know what to look out for and know how to be vigilant. Are your employees Cyber Essentials Qualified yet? If not we can help.
An article in Computer Weekly also supports the need for better cyber threat training. It shows how employees were responsible for 52% of incidents that affected operational technology and industrial control system networks in the last year. The same report highlights that while cyber security is fast becoming a top priority for industrial companies, at the same time just 57% have a budget allocated for industrial cyber security. It also revealed a shortage of 'cyber security experts with the right skills to manage protection for industrial networks'.
Do you know enough about deepfakes?
As reported by The Financial Times, Symantec says three businesses so far this year have been stung badly by deepfake tech, AKA manipulated media. One case saw a whopping ten million dollars sent to criminals by a worker who thought they were talking to the big boss on the phone. But an Artificial intelligence was impersonating the executive, and did it so realistically the employee was fooled.
Deepfaking often involves a face swap, where one person's face is replaced by another. There's also lip syncing, where software changes the way a person's mouth moves so it follows a faked audio track. AIs can even be trained to copy someone based on existing recordings of their voice.
The main problem is that previously-expensive techniques are getting cheaper by the day, and deepfake services and tools are easier than ever to buy online. And that indicates they're being used more frequently in a commercial setting.
All this means you need a plan, but right now planning is a problem because academics are still busy trying to figure out effective ways to combat deepfakes. Your best weapon may well be 'cynicism'! Ask your employees to never, ever do something they don't feel comfortable with, even when they think it's the boss on the phone or the screen. It's better to check first than just assume everything's OK and wire millions of pounds to a fraudster.
Cyber security breaches set to rocket 70% by 2024
According to The Actuary, cyber security breaches are set to rocket by as much as 70% over the next five years. The cost to businesses is estimated to be around five trillion dollars a year, up from around three trillion dollars a year today. The report comes from Juniper Research, which says the cost of global cyber security is likely to rise about 11% a year until 2024.
Another piece of research found almost 33% of cyber breaches happen because of employee error, a number that rises to 42% in the healthcare sector. And Willis Towers Watson has found that 90% of cyber insurance claims are down to human error, with only 18% driven by an actual external threat.
Against a landscape like this, your people might be the biggest risk you face. But that's only when they're untrained. When they're properly informed your employees are actually your best method of protection. Call us to get qualified!