By Brian Lord - Managing Director of PGI Cyber
Cybercrime cost British business over a billion pounds in losses last year according to the UK’s national cybercrime centre and Get Safe Online.
The 1 billion figure is big (but is probably only a percentage of the true sum). Most significant, however, is the percentage rise – 22%. As a figure that represents a criminal trend rise, that’s pretty horrifying.
This is the boom time for cybercriminals. They are quickly hitting the soft underbelly of businesses, like any criminal. They see an opportunity and exploit it; again and again and again. Then, when measures are put in place it and it stops working, they adopt a new approach. Throughout the history of crime, it’s what criminals do and have always done. Which is why we see different types of attack trending so steeply (mandate fraud at 66%). Next year it will be another attack type.
The vulnerable underbelly is particularly soft because “cybercrime” sounds complicated, and organisations and people think that the solution must be complicated and only understood by a few “techy types”….and if it’s complicated, it must be expensive….right? So this creates a paralysis of action a result of which cyber criminals are gleefully helping themselves to the free goodies on offer.
Many people believe that it’s complicated and many people sadly would not work hard to dispel that myth. But it’s not. Many of the methods used by cybercriminals can be decreased hugely without any technical intervention. Most Small to Medium Enterprises can protect themselves from these type of attacks (and most others) by putting into place basic steps and basic awareness. PGI, for example, offers educational courses that cost less than four figures per year (and we let people pay monthly if they want).
Schemes like Cyber Essentials represents the basics and most common forms of protection and it’s broken down into 5 easy to understand and easy to implement areas. PGI has an on-line user-friendly Cyber Services Portal which will guide organisations through every step of the short process and help to educate and assure small businesses on the cyber threat and how to safely and affordably combat it.
In the same way as 100% burglary prevention can never be guaranteed the same applies to cyber-crime, but just like burglary prevention, you can prevent nearly all of them by introducing a few basic steps. For most organisations that is enough. Others will have to do more, depending on the nature of their business and their size but that’s also no different to other crime prevention challenges.
Preventing cyber warfare, cyber terrorism, espionage and other types of Hollywoodesque type attacks are different issues which require additional measures for a much, much smaller subset of businesses. Don’t let those dramatic stories distract you from doing the equivalent of locking your door, setting your alarm, switching on your CCTV and teaching your staff not to leave the till open and the safe unlocked – it’s that basic for most.
Oh, and it’s a bit tough to point the finger at the police. If you don’t report a crime, it’s rather difficult for a police service to either solve it or establish trends about which they can provide
sensible practical advice and warnings to the public. They care about it and are investing a lot of effort into training officers to keep abreast of a quickly shifting crime wave. We know, we train some of them. But if you don’t help them, they are limited in what they can achieve.
Like all crime, Cybercrime will always exist. There is absolutely no need for the growth rate to be at epidemic levels. That bit is pretty straightforward and cheap to fix.