The EUROPOL Serious and Organised Crime Threat Assessment (SOCTA) for 2021 was released this month. https://www.europol.europa.eu/activities-services/main-reports/european-union-serious-and-organised-crime-threat-assessment
It’s an interesting high level read. The first topic discussed in the section about the main criminal activities is cybercrime which EUROPOL say is on the increase both in terms of the number of attacks but also the sophistication of attacks.
Last week the NCSC launched a cyber security self-assessment tool to help sole traders and micro businesses evaluate their cyber security profile and create a cyber action plan. The self-assessment only takes a few minutes to complete and produces recommended actions at the end. The scope of the self-assessment is similar to what is covered by the NCSC’s Small Business Guide and its associated videos. If you’d like support with your own cyber security assessment, please get in contact with Consult MB Ltd, we’d be glad to help.
Numerous recent reports and publications are predicting the cyber-crime trends for 2021. Top of the list is a forecast of increased ransomware attacks and, unsurprisingly, home based working is also assumed to be under the threat of increasingly sophisticated attacks.
The Acronis Cyber Readiness Report has various interesting stats from 2020. 31% of companies reported a cyber-attack at least once a day, and over 1000 businesses had their data leaked after a ransomware attack. It isn’t clear whether any of those companies paid up the initial ransom, and then saw their data leaked anyway…
Supported by industry, and backed by the Government’s National Cyber Security Centre, Cyber Essentials is designed to help organisations, of all sizes, to guard against the most common cyber threats. Please have a look and get in contact if you need any more information.
Here at Consult MB Ltd, despite COVID-19, we’re still doing OK serving our customer base in Somerset, Bristol and the South West. Elsewhere though, we hear cyber business is booming, unfortunately the wrong type of business. The “Hidden Costs of Cybercrime” report by McAfee says the global cost of cybercrime is now around one trillion US dollars, up 50% on their 2018 estimate. It comes as no surprise that the most costly types of cybercrime are: malware & spyware, phishing, ransomware, financial cybercrime and cryptocurrency theft.
The McAfee report also makes the sort of common sense recommendations that we endorse and can assist you in adopting. These include, implement basic security measures, provide awareness training and develop prevention and response plans. Please contact us if you’d like to learn more.
We’re a tad late on this one, but in October the NCSC issued a revamped cyber security guide for small businesses. It outlines five key aspects:
You can download your copy of the NCSC guide here.
Consult MB Ltd offers staff awareness training, based on NCSC guidance, to small-medium sized organisations throughout Bristol and the South West. Please contact us for more details.
Following the headline-dominating ransomware attack on Blackbaud earlier this year, the threat charities are under has never been more real. With employees increasingly working from home, ensuring charities are cyber secure is now more important than ever.
With this in mind, the IASME Consortium, the recognised partner for the Government-backed Cyber Essentials certification scheme, is launching a week-long campaign in November aimed at encouraging registered charities to improve their resilience to online threats. Alongside their participating licensed partners, the IASME Consortium is offering discounted certifications on two of their schemes, Cyber Essentials and IASME Governance, which will help charities demonstrate that they have effective and recognised best practice and protections in place.
As a licensed certification body, Consult MB Ltd is pleased to be offering a discount on both certifications to charities for the week 2nd-6th November 2020. The discounted rates are as follows:
Cyber Essentials – £225 plus VAT (a 25% discount)
IASME Governance – £250 plus VAT (a 37.5% discount)
Through this campaign, we are hoping to raise awareness to charities of the cyber threats they may face and how they can combat them by putting the right procedures in place for their organisations. To find out more and to register your interest, please contact us directly for more information.
ImmuniWeb a company specialising in Artificial Intelligence in the security world have published a report “State of Cybersecurity Industry Exposure at Dark Web”. It’s a scary read. Leading global cyber security companies report some shocking figures about data leaks and information appearing on the Dark Web. What’s particularly concerning is the continued use of weak passwords, and identical passwords used across many different systems. A password of “password” was the most commonly found. Ho hum.
When we consider addressing cyber risk we often focus on mitigation. Sometimes we avoid the risk or simply accept the risk. Another option is to transfer the risk, and typically this means insurance. The National Cyber Security Centre (NCSC) has recently published some guidance for organisations thinking about cyber insurance. Whilst stressing that insurance will not prevent cyber security incidents…the NCSC make the point that some insurers will give discounts when you can demonstrate that you take cyber security seriously and have basic defences in place. Cyber Essentials and Cyber Essentials Plus certification are identified as evidence of this.
As a Cyber Essentials & Cyber Essentials Plus Certification Body we provide training, advice/consultancy and certification services across the whole of Somerset, Bristol, and surrounding areas. If you achieve Cyber Essentials with us you may be eligible for cyber liability insurance offered as part of the certification. Please check out the IASME Consortium (NCSC’s Cyber Essentials Partner) FAQ for more details.
In response to COVID-19, on July 13th the NCSC added a “Home and Remote Working” exercise to their great free resource “Exercise in a Box”.
Like most of their other exercises, this 30-60 minute session is also a ‘table top’ exercise, based around discussions prompted by NCSC discussion points. The exercise is aimed at small to medium size businesses, you can check it out here: https://www.ncsc.gov.uk/information/exercise-in-a-box