2022 was yet another year of increased cybercrime for organisations in the UK and worldwide. The approaches being taken by cyber criminals point clearly to a professionalisation of this type of crime over the last few years. Cyber attacks have become increasingly targeted, nuanced and, therefore, successful. The latest CyberEdge report reveals that in 2022, six out of every seven organisations experienced a successful cyber attack, with a quarter of participants experiencing between 6-10 attacks in a single year.
The shift in focus of cyber criminals
The report also found that the type of cyber threats were changing. Where malware has been the primary concern for organisations, this is now being matched by ransomware and account takeover attacks. This has led to considerable financial losses for businesses, not just in ransom payment that are at an all-time high, but through operational downtime and data breach fines as well.
Increased budget or greater cyber security awareness?
One aspect of the report that is particularly concerning is that despite the cyber security budgets of organisations continuing to rise, this has made little impact on reducing the success rate of cyber attacks. This appears to be due to the targeting of cyber attacks on the weakest points in a business’s IT structure, namely it’s employees. With more staff working from home and more mobile devices in use, these two vulnerabilities are letting cyber criminals through the back door.
Increased security measures will certainly be required to fight off the majority of these attacks. But greater staff awareness of the threats and tactics currently being used could also go a long way in preventing threats, particularly when staff are off site.
You may also be interested in: Are you doing everything within your budget to ensure your IT security
A culture of cyber security awareness
Focusing part of your existing cyber security budget on staff awareness training is a good move in the current climate.
The web-based training we deliver is proactive in teaching employees about the security threats they will face in their day to day work. This training offers ‘real world’ threat scenarios that help to build better cyber security habits into the everyday working practices of staff, creating a culture of awareness.
As well as providing flexibility and mobility, web-based training is a cost-efficient option that is easy to use and achieves great results in increasing staff knowledge and keeping them mindful of current threats.