Since 1990 when we were introduced to the World Wide Web the internet has impacted almost every aspect of our lives, and the way we do business. The biggest impact has been the change to the way, and speed, that we communicate with others and the amount of information we share. Email, instant messaging, voice over internet protocol (VOIP), web conferencing, social networking, forums and cloud document management enable us to keep in regular contact with friends, work colleagues, customers and suppliers, and share data with them. The downside of this is that it has provided the opportunity for criminals to use the same channels to access our information and data.
The main aim of online criminals is to steal money whether from an individual or organisation, and they will go to extreme lengths to achieve this. According to Microsoft, a cyber-attacker spends an average of 146 days within an organisation’s network before detection. This can be despite sophisticated security protection software and knowledgeable personnel employed to keep a company’s servers secure, all of which comes at a significant cost. Although many organisations have increased their cyber security spending, the increase in attacks, up by 23%, cost 53% more than the previous year and employers reported that they haven’t seen a return on their additional spending. One factor to consider is that the majority of cyber-attacks are caused by human error due to a lack of understanding of how to keep their employer’s data secure, rather than a failing in anti-cyber attack technology solutions.
Worldwide cyber-attacks are growing in number daily with experts quoting the cost to be $600 billion. According to the UK government Cyber Security Breaches Survey 2018, 42% of micro and small businesses, and 65% of medium and large businesses, have experienced a cyber-breach or attack in the last 12 months. An astonishing 79% of UK businesses have experienced down time because of an attack. 63% of company network intrusions are due to compromised user credentials with 37% of breaches being caused by phishing, most likely during email use. Working with emails is also a vulnerable time for personal internet use along with online shopping. If you think that mature online users are more likely to be compromised than millennials then you’d be wrong; in a Federal Trade Commission survey it was found that 40% of those in their thirties lost money due to fraud compared with only 18% of over 70s.
The National Cyber Security Centre has produced 10 Steps to Cyber Security, as per below, which is used by the majority of the FTSE350, but is equally relevant to all organisations. Step 2 is ‘User Education and Awareness’ which is critical to protecting your business against cyber-attack as it is employees that are a business’s highest risk in the fight against cyber-attacks. Reduce this risk by providing your staff with low cost, but very effective online learning, such as the ‘DOJO Cyber Security and GDPR Awareness’ online course which has been used by over 280,000 users, including staff at West Lindsey District Council. A council representative said:
“The feedback has been incredible and staff are already coming up with some great ideas on how to build a complete GDPR and Cyber-Security awareness programme based on the videos and the characters from them.”
View the eLearning Marketplace selection of Information and Cyber Security training by clicking on the image below.