The North West Cyber Resilience Centre (NWCRC) has issued a warning to businesses, after the Government released its new Cyber Security Breaches Survey 2024 last week.
Half of all businesses have reported a cyber breach in the last 12 months, and of those 44% went on to experience cyber crime according to the report, which also found that there were an estimated 7.78 million business cyber crimes of all types over the past year.
Worryingly, the report also found that since having a cyber breach, only 19% of businesses have given staff additional training or communications, only 18% have updated their firewall, and only 17% have updated or installed their anti-malware software.
The police-backed NWCRC has now issued an urgent warning to all businesses in the region to ensure they know how to fully protect against cyber attacks.
DI Dan Giannasi, head of cyber and innovation at the NWCRC, urged businesses to focus on their cyber security in the wake of increasingly sophisticated attacks.
He said: “The Government’s new data shows 84% of small businesses now see cyber security as a high priority, but only four in 10 businesses have actually reached outside their business for support or guidance.
“While there has been a slight increase in good cyber hygiene practices, like updating malware protection and implementing phishing policies, only 31% of businesses and 26% of charities have undertaken a cyber security risk assessment for their businesses. And on top of that, only one in 10 have reviewed cyber risks posed by their suppliers and wider supply chains.
“As a police-backed not-for-profit organisation, we are urging businesses to practice good cyber security hygiene – and also make full use of the fully-funded memberships we have available across Cheshire, Merseyside and Lancashire.”
When an organisation has been a victim, they can often be targeted again by the same or
other groups. They may have only had a small breach, but the next one could completely take down their entire IT systems and customer data.
“It’s so important that businesses in the North West ensure that their employees have the right training and resources to create cyber security within the workplace,” added DI Giannasi.
“We often tell employers that they always do regular health and safety checks and procedures, and the same should be done for cyber security.”
The new figures also show that more than half of businesses had experienced cyber breaches every month, and a third of businesses every week. These cyber breaches are likely to be phishing attempts – and 84% of all businesses questioned reporting experiencing phishing attempts. On top of this, the data found that 61% of businesses said that phishing was the most disruptive cyber breach.
The NWCRC was established in 2019 as the first centre in the UK, and is now part of a network of regional Cyber Resilience Centres featured in the HM Government National Cyber Strategy 2022.
It works with small to medium organisations right across the North West region, offering free membership and affordable services including training and risk assessments to increase cyber resilience. The team is made up of trusted professionals, seconded police officers and innovative ethical hackers.
The NWCRC has a number of regional fully-funded programmes available for small to medium businesses, which encompass training and resources to help protect against cyber threats. The programmes are funded by the regional police forces and the Police and Crime Commissioners from proceeds of crime funding. Currently, there are free places available for businesses in Merseyside, Cheshire and Lancashire counties.