Stuart O'Brien, Author at Security IT Summit | Forum Events Ltd

  • Covid-19 – click here for the latest updates from Forum Events & Media Group Ltd

Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Stuart O'Brien

Average cost of data breach in healthcare industry hits $7.13 million

 960 640 Stuart O'Brien
By:
0
0

The healthcare industry tops the list of the most expensive data breaches, with a $7.13 million average data breach cost, 84% more than the global average. 

That’s according to data presented by AksjeBloggen.com, which says that with millions of people working from home and using videoconferencing and cloud applications, the COVID-19 pandemic has only increased the number of malicious attacks.

The data says the global average cost of a data breach has fluctuated between $3.5 million and $4 million in recent years. In 2020, it hit $3.86 million, a 1.5% drop year-on-year, revealed the Ponemon Institute’s Cost of a Data Breach Report 2020 commissioned by IBM. The report also showed it usually took 280 days for an organization to spot and contain a breach, a day more than a year ago. However, statistics indicate these figures vary significantly based on industry.

Besides leading in the average cost of a data breach, the healthcare industry also had the highest average time to identify a violation of 329 days. The energy industry ranked second of the 17 sectors surveyed, with $6.39 million in average cost and 254 days to spot a breach. 

Financial services, pharma industry, and technology sector follow, with $5.85 million, $5.06 million, and $5.04 million in average data breach cost, respectively. 

Analyzed by geography, the United States convincingly leads among all surveyed countries with an average data breach cost of $8.64 million, a 5.5% increase in a year. Statistics also show this figure surged by 60% in the last seven years, growing from $5.4 million in 2013. Financial services represent the costliest industry in the United States in 2020, while companies and organizations need 237 days to identify a breach, compared to 245 days in 2019.

Germany leads among European countries with an average data breach cost of $4.45 million in 2020, a 7% drop year-on-year, while companies usually need 160 days to identify a data breach. 

Malicious attacks caused 52% of all breaches. Human error and system glitches follow with 23% and 25% share, respectively. Statistics also show that around 20% of companies that had been victims of a malicious breach were hacked by using stolen or compromised credentials.

The survey also revealed the number of exposed data significantly raised the total cost of a data breach. Breaches of 1 million to 10 million records cost an average of $50 million, or 25 times the average cost of a data breach in 2020. In breaches that exposed more than 50 million records, the average cost grew to a staggering $392 million. 

The five largest data breaches in 2020 exposed a total of 406.6 million records, according to DataBreaches.net statistics. In January, 250 million Microsoft customer records have been exposed online without password protection, the biggest data breach since the beginning of the year. The exposed data included customer service and support logs detailing conversations between Microsoft agents and customers from 2005 to December 2019. 

In May, 115 million Pakistani mobile user records have leaked online, the second-largest data breach this year. The same month, a massive data breach of the unknown source has exposed the records of 22 million people, including their phone numbers, addresses, and social media links.

The fourth-biggest data breach in 2020 exposed the personal data of more than 10.5 million users who stayed at MGM Resorts. Leaked files included contact details of CEOs and employees at some of the world’s largest tech companies. 

In May, British low-cost airline group EasyJet admitted it had been a target of a highly sophisticated cyber-attack, which has exposed the personal data, including credit and debit card details, of more than nine million their customers.             

Ecommerce explosion ‘opens cyber attack floodgates’

 960 640 Stuart O'Brien
By:
0
0

According to the Global Information Security Survey by Ernst and Young, customer information is the most valuable type of data for most attackers.

The threat to cybersecurity and privacy is increasing: about 6 in 10 organizations (59%) have faced a significant incident in the past 12 months, and 48% of executive boards believe that cyber attacks and data breaches will more than moderately impact their business in the next 12 months. 

Data breaches involving payment fraud and other issues related to online security have skyrocketed over the past few years, coinciding with the growth of the e-commerce industry, especially during the COVID-19 mandated quarantine regime. Measures to protect businesses and customers against cyber threats have never been more important.

One challenge that has grown for e-commerce businesses is that of open-source software vulnerabilities, according to NordVPN. Open-source software uses code that anyone can view, modify, or enhance. And while it has been hugely valuable to e-commerce businesses, it also carries a number of cybersecurity challenges.

‘’Open-source software is popular because it is often free to use or can be modified to suit the individual needs of a business. But this popularity means that any vulnerabilities found in the code can be a massive problem across a huge number of websites. Add in the changes COVID-19 has brought, and this problem has intensified a lot. Companies should really start making technical improvements to their websites fast if they want to avoid a potentially catastrophic breach. If they continue using unpatched, open-source software with vulnerabilities, they’ll leave themselves open to attacks,’’ said Juta Gurinaviciute, Chief Technology Officer at NordVPN Teams.

Another issue businesses are facing is the rise in attacks on outdated or fake plugins. When used on companies’ websites, these compromised plugins can lead to the spread of malware. One such issue is e-skimming — an attack where malware infects online checkout pages to steal payment and personal information of shoppers. E-skimming is getting more common — companies both large and small have been hit by e-skimming attacks in the past two years, and that includes big names like Macy’s, Puma, and Ticketmaster. 

Other security threats to e-commerce sites include phishing, ransomware, SQL injection, DDoS attacks, and cross-site scripting (XSS).

E-commerce websites hold a lot of valuable data about their customers, and that makes business owners a target. Customers put a lot of trust in the merchants they shop with, providing personal data and sensitive payment information with every purchase. Earning consumer trust is critical to a continued relationship. Once lost, earning it back is really hard.

Businesses are also required to meet various compliance standards, and fines can be levied if those are not met. In case of a breach, there is a whole host of other problems to address: forensic investigation, data recovery services, credit monitoring for impacted parties, and liability insurance to help mitigate this financial risk, to name just a few.E-commerce security is never a done deal. Threats and hacking methodologies evolve at an alarming rate, so maintaining awareness and a security-focused mindset is the key to staying secure. Layering multiple solutions for business security is one of the best ways to keep an online business safe against cyber attacks.

‘’Companies can start with their firewalls (including web application firewalls), making sure the connection is secure, ensuring that passwords are strong, implementing multi-factor authentication, using intrusion detection systems, and constantly monitoring and updating web platforms,’’ the NordVPN Teams expert added.

Government and Financial Services best equipped to defeat cyber attacks

 960 640 Stuart O'Brien
By:
0
0

Government and Financial Service sectors globally are the most hardened against cyberattacks in 2020.

That’s according to the third edition of the Synack Trust Report, a data-driven analysis of cybersecurity preparedness across all sectors and industries, found that government and Financial Services scored 15 percent and 11 percent higher, respectively, than all other industries in 2020.

Government agencies earned the top spot in part due to reducing the time it takes to remediate exploitable vulnerabilities by 73 percent.

Throughout the year, both sectors faced unprecedented challenges due to the global COVID-19 pandemic, but still maintained a commitment to thorough and continuous security testing that lessened the risk from cyberattacks.

“It’s a tremendously tough time for all organizations amidst today’s uncertainties. Data breaches are the last thing they need right now. That’s why it’s more crucial than ever to quickly find and fix potentially devastating vulnerabilities before they cause irreparable harm,” said Jay Kaplan, CEO and Co-Founder of Synack. “If security isn’t a priority, trust can evaporate in an instant.”

The 2020 Trust Report is grounded in data from the patented Attacker Resistance Score (ARS) Metric, which drew information directly from tests conducted on the Synack Crowdsourced Security Platform from 2019 through July 2020 — right through the COVID-19 response period. Synack calculates a unique ARS metric between 0 and 100 for every asset, assessment and organization it tests. The calculation takes into account attacker cost, severity of findings and remediation efficiency. The higher the ARS, the more hardened assets are against attack.

“The 2020 Synack Trust Report is a must-read for anyone who has ever been asked by their C-Suite, CEO, or Board: ‘Can I trust our digital systems? And how do we compare to other companies?'” wrote Michael Coden, Global Leader Cybersecurity Practice, BCG Platinion, Boston Consulting Group, in his forward to the 2020 Trust Report. “The report makes it clear that companies surviving the continuous barrage of cyberattacks are the ones that frequently test as many of their digital assets as possible with the appropriate depth and breadth to the criticality of that asset.”

Key 2020 Trust Report findings include:

The Government sector earned 61 — the highest rating

The chaos of 2020 added new hardship to many Government bodies, but security hasn’t necessarily suffered as many agencies have become more innovative and agile. Their ability to quickly remediate vulnerabilities drove this year’s top ranking. 

Financial Services scored 59 amidst massive COVID-19 disruptions

Financial Services adapted quickly through the pandemic to help employees adjust to their new remote work realities and ensure customers could continue doing business. Continuous securitytesting played a significant role in the sector’s ARS.

Healthcare and Life Sciences scored 56 despite pandemic challenges

The rush to deploy apps to help with the COVID-19 recovery led to serious cybersecuritychallenges for Healthcare and Life Sciences. Despite those issues, the sector had the third highest average score as research and manufacturing organizations stayed vigilant and continuously tested digital assets.

Severity of vulnerabilities found on the Synack platform increases

Twenty-eight percent of the vulnerabilities discovered by the Synack Red Team, the community of ethical hackers working on the Synack platform, were considered high, very high or critical. Synack leads the industry in finding the most critical and dangerous vulnerabilities in customers’ digital assets and apps, giving them the insight necessary to prevent attacks.

ARS scores increase 23 percent from continuous testing

For organizations that regularly release updated code or deploy new apps, point-in-time securityanalysis will not pick up potentially catastrophic vulnerabilities. A continuous approach to testing helps ensure vulnerabilities are found and fixed quickly, resulting in a higher ARS metric.

Visit www.synack.com to download the report for free.

The Security IT Summit has gone virtual!

 960 640 Stuart O'Brien
By:
0
0

Due to current announcements and government updates, we have made the decision to make the Security IT Summit VIRTUAL – Register today!

Date: Thursday 5th November

Still offering you the same benefits as the live event – we will bring together the industry’s leading buyers and suppliers together for business collaboration.

Your bespoke place is entirely free and includes benefits such as;

Prepare for every eventuality – We can build you a bespoke 1-2-1 itinerary of meetings with innovative and budget savings suppliers who match your requirements.
Gaining industry insight – Enjoy a series of topical webinars led by industry thought leaders.
Flexibility – Your attendance is flexible, you can either attend for half a day or the whole duration.
Save time – We will handle everything for you, saving you time and money by arranging all the meetings for you based on your requirements.

Click here to secure your free virtual place

Do you specialise in Employee Security Awareness? We want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in October we’re focussing on Employee Security Awareness solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re an Employee Security Awareness solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Chris Cannon on c.cannon@forumevents.co.uk.

Here’s our full features list:

Oct – Employee Security Awareness
Nov – Malware
Dec – Network Security Management

Huge leap in girls learning cyber security skills

 960 640 Stuart O'Brien
By:
0
0

The number of girls looking to learn new cyber security skills has surged this summer after courses went online for the first time.

The National Cyber Security Centre (NCSC) confirmed that the number of young people taking part in this year’s CyberFirst summer courses rose to a record-breaking 1,770 after they moved from the classroom to online.

And while the number of applications from boys saw a significant 31% rise, it was the increase in the number of girls applying which really caught the eye – rising by a massive 60% on 2019.

CyberFirst aims to ensure greater diversity in the next generation of cyber security specialists, and the summer courses offer 14 to 17-year-olds the chance to learn about digital forensics, ethical hacking, cryptography and cyber security challenges.

The new figures come one month after the NCSC pledged to take action to improve diversity and inclusion in the cyber security sector, as just 15% of the UK’s cyber security workforce are women and 14% of employees are from ethnic minority backgrounds.

Chris Ensor, NCSC Deputy Director for Cyber Growth, said: “I’m delighted to see that more young people are exploring the exciting world of cyber security, and it’s especially encouraging to see such a level of interest from girls.

“Our online courses have provided new opportunities for teenagers of all backgrounds and we are committed to making cyber security more accessible for all.

“Ensuring a diverse talent pipeline is vital in keeping the UK the safest place to live and work online, and CyberFirst plays a key role in developing the next generation of cyber experts.”

Digital Infrastructure Minister Matt Warman said: “It’s great to see so many young people taking part in the CyberFirst summer courses. These fantastic experiences give teenagers an insight into the exciting and varied careers on offer in cyber security.

”We want our cyber sector to go from strength to strength, so it is vital we inspire the next generation of diverse talent to protect people and businesses across the country.”

This year 670 more places were made available for the CyberFirst summer courses. The number of boys applying rose from 1,824 in 2019 to 2,398 this year, while for girls it went from 930 to 1,492 over the same period.

The annual initiative is offered at three levels: CyberFirst Defenders (for those aged 14–15), CyberFirst Futures (15–16), CyberFirst Advanced (16–17) – all aimed at helping pupils develop digital and problem-solving skills and introduce them to the cyber threat landscape.

This autumn, pupils interested in cyber security and computer science can look forward to a whole raft of opportunities from CyberFirst, as part of its ongoing commitment to inspire the next generation of cyber talent.

Other CyberFirst programmes include:

  • CyberFirst bursaries and apprenticeship schemes, which offer financial help for university-goers and paid summer work placements with over a hundred organisations to kickstart careers in cyber security. Applications are now live.
  • Empower Digital Cyber Week (9th-13th November), where students can watch and join online cyber sessions given by speakers in academia, industry and government.
  • The annual CyberFirst Girls competition, open to teams who want a fun and challenging opportunity to test their cyber skills in a bid to be crowned the UK’s top codebreakers. Registrations for the 2020-21 Girls Competition open on 30th November. More details about this year’s competition can be found on the NCSC’s website.
  • The government’s online cyber skills platform Cyber Discovery launched its latest intake in June and has already attracted over 13,500 students, with more than a third of registrations from female students. The programme, for 13-18 year olds, is a free and fun way for teens to develop cyber security skills. Students can register to join here: https://joincyberdiscovery.com/

Solving the data centre skills shortage

 960 640 Stuart O'Brien
By:
0
0

By Stephen Whatling, Chairman at BCS

The growth in demand for data centres worldwide has posed many challenges in recent years and this has now been expedited by the Covid-19 pandemic. Following a major uplift in demand for data services since March, the need for a resilient data infrastructure has never been greater.

However, this year BCS’ independent survey shows an increase in concern about the availability of design and build staff with an 11% rise, to 75%, of respondents believing there is an inadequate supply of skilled labour. The same independent BCS survey shows that 90% of those involved in the design and construction of data centres believe there is a dearth of both design and build personnel.

As the confusion regarding exam results and the subsequent issues with university places continues to test the education system, it is a growing concern for the future supply of resources skilled in the design and build of data centres.  It is then perhaps no surprise that for the second survey running, greater industry engagement with educators is ranked as the top factor to address this identified skills shortage. This is particularly important given the tremendous competition for suitably qualified STEM staff from a wave of different technology sectors across the wider economy. Early engagement with the industry at the educational level is needed to encourage the next generation of potential datacentre professionals through providing clear routes to jobs and career advancement that exist in many of the competing industries.

Better on the job training and improved or greater incentives for apprenticeships also ranked highly in the survey as  respondents acknowledged the positive impact that the education sector and businesses working in partnership can have in developing home-grown resources.  At BCS we believe that the expansion of apprenticeship places is vital to the success of the generation of UK based skills.  This year we had over 200 applicants for the apprentice and graduate scheme we operate in partnership with London Southbank University which provides funded places and, alongside studies, enables the apprentices to access every aspect of the BCS business.

From this year’s intake, Imogen Paton is enrolled on a Quantity Surveying Degree Apprenticeship at London Southbank University and will be sharing her time between studying there and getting some great practical experience with BCS over the next five years. Imogen said: “I am really looking forward to this opportunity to grow and work with both a great company and great university and can’t wait to get started!”

Many businesses might think that taking on an apprentice during the current pandemic will not bear fruit but that is not necessarily the case.  Yes, it can be harder and will require a little more care and attention but the right candidates will learn some invaluable skills during these strange times.

Ben Chappell, a BCS Apprentice Consultant from London Southbank University says he will “definitely take a new sense of confidence in working independently back to the office when the lockdown is over.”

“I’ve been balancing client tasks with Southbank University work successfully, which has given me assurance that my routine is productive. One of the lessons for my industry is that we now know that a significant amount of work can be done remotely if the circumstances require it. However, I am also very much aware of the importance of social interaction for both the office teams and client relations and I’m looking forward to getting back on site,” he said.

It is also worth remembering that the survey was undertaken at the beginning of the UK lockdown, before the length of the lockdown and subsequent travel restrictions could be fully understood.  Despite the timing, almost three-quarters of respondents believed that shortages amongst data centre operational staff was already making it increasingly difficult to run facilities well. It is now clear that the difficulties associated with international travel such as the lack of availability of flights and hotel rooms or the more recent focus on quarantine rules has made it even more difficult for the roving teams of design, build and maintenance engineers to do their jobs efficiently.  These teams are, of course, essential workers and not subject to the quarantine rules but travel, and life in general, is more difficult now, and as a result less productive.  This will mean that even more skilled engineers are required to support the existing infrastructure.

Meeting the demands for greater capacity was an issue before Covid-19 with 74% seeing higher labour costs, 55% using increased outsourcing and almost 50% seeing delays due to the shortage of available skills.  It is likely these numbers will be even higher next year. We should also take note of the likely impact of Brexit and any future immigration policy.  It is vital that any future policy recognises the importance of the data centre industry in the UK and supports it with favourable access for the skilled workers that will be needed in order to meet the existing demand. 

In conclusion, the demand for UK based data centres currently outstrips supply, smart working and automated processes, and a focus on education alongside investment and support from the Government, is required sooner rather than later to ensure the UK capitalises on this opportunity.

Attend the Security IT Summit as a live or virtual delegate

 960 640 Stuart O'Brien
By:
0
0

This unique Summit is hybrid, which means you can attend either in-person at the live event or via our virtual platform – whichever suits you the best!

Your place is entirely complimentary and includes;

  • Access to a live insightful seminar session led by an industry thought leader
  • Pre-recorded webinars
  • Lunch and refreshments throughout*
  • Networking with fellow industry professionals*
  • A personalised itinerary of relaxed 1-2-1 meetings with budget-saving suppliers who match your needs for upcoming projects

It is completely flexible – you can attend for the whole duration of the event or for just half a day. 5th November – Hilton London Canary Wharf

Your virtual OR live event pass can be secured HERE.

DDoS attacks ‘sell for as low as $10 per hour’

 960 640 Stuart O'Brien
By:
0
0

By Juta Gurinaviciute, Chief Technology Officer, NordVPN Teams

The recently released Dark Web Price Index 2020 reveals the current average prices for a selection of cybercrime products and services available “on demand.” A basic targeted malware attack in Europe or the US costs $300, while a targeted distributed denial-of-service (DDoS) attack goes for as little as $10 per hour or $60 for 24 hours. The “salespeople” even offer volume discounts, making such attacks the go-to weapon for online extortion.

According to Nexusguard’s Q1 2020 Threat Report, in the first quarter this year, DDoS attacks increased by more than 278% compared to Q1 2019, and by more than 542% compared to the previous quarter. 

According to Gartner research, the average cost of downtime for a small-to-midsize business is $5,600 per minute. The World Economic Forum’s “Global Risks Report 2020” reveals that, in the United States, the chances of catching and prosecuting a cybercrime actor are almost nil (0.05%). At the same time, the impact on the targeted companies’ business is massive. IBM’s “Cost of a Data Breach Report” pegs the average cost of a security breach at $3.92 million.

Suffering a DDoS attack could be inevitable, especially if the business operates in a high-risk industry. Regardless of the solutions you implement, your company should incorporate a DDoS response procedure into your official business continuity plan. According to Ponemon Institute research, firms that can respond to a security incident quickly and contain the damage can save 26% or more on the total costs of the event cleanup.

‘One reason why DDoS attacks are so inexpensive is that more and more people that offer DDoS-for-hire services are leveraging the scale and bandwidth of public clouds. With remote work becoming the new standard and with emphasis on home internet connectivity at an all time high, proper security measures to mitigate these attacks have never been more important.

What is a DDoS attack?

Distributed denial of service (DDoS) attacks are a serious threat to modern network security. Their goal is to take down the target by either flooding traffic or triggering a crash. These attacks are often sourced from virtual machines in the cloud rather than from the attacker’s own machine, which is done to achieve anonymity and higher network bandwidth.

Typically, these types of attacks are run through botnets — networks of computer devices hijacked and infected by bots to carry out various scams and cyberattacks. A bot is a piece of malicious software that gets orders from another device or attacker. A computer becomes infected when a worm or virus installs the bot, or when the user visits a malicious website that exploits a vulnerability in the browser.

These days, because of the COVID-19 pandemic, organizations around the globe are embracing remote work at unprecedented rates. This has made online services of all kinds — from governments to banks and e-commerce to e-learning — more vulnerable to criminals, and DDoS attacks more alluring as a means of extortion. Such attacks don’t cost much and can produce excellent returns. When online connections are stopped or significantly slowed for even a few hours, employees’ work is disrupted, and customers can’t buy anything, which all leads to damaged revenues and public image of the organization.

How to protect company data

Without early threat detection and traffic profiling systems, it’s impossible to know a DDoS attack has occurred. In fact, you will only know about it when your website slows down or comes to a complete halt.

These attacks target data, applications, and infrastructure simultaneously to increase the chances of success. To fight them, an integrated security strategy protecting all infrastructure levels is necessary.

  • Develop a Denial of Service response plan. Make sure your data center is prepared, a checklist is in place, and your team is aware of their responsibilities.
  • Secure your network infrastructure. This includes advanced intrusion prevention and threat management systems — which combine firewalls, VPN, anti-spam, content filtering — and load balancing. Together, they enable constant and consistent network protection against DDoS attacks.
  • Make sure your systems are up to date. By regularly patching your infrastructure and installing new software versions, you can close more doors to attackers.
  • Leverage the cloud. Cloud-based apps can curb harmful or malicious traffic before it ever reaches its intended destination. Such services are operated by software engineers whose job is to monitor the web for the latest DDoS tactics and attack vectors.
  • Avoid public or unsecured Wi-Fi. If your remote team must log in to an account on a network you don’t trust, use a VPN to encrypt all communications. Even bank websites can be forged to be almost undetectable. So, if an attacker has administrative access to the network you’re using, a data breach may occur.

Cyber security habits getting lax during lockdown

 960 640 Stuart O'Brien
By:
0
0

Britons have developed lax cyber security habits, using their work equipment to shop online, check their social media or forgetting to log themselves out of applications once they’ve stopped using them.

That’s according to research from Mimecast, which says businesses should capitalise on the phased return to the office to implement stringent training and improve cybersecurity awareness among their workforce.

The results of the survey, it says, are damning:

  • 63% of Britons use their personal devices to access the corporate network
  • As the lines between their personal and professional lives blur, almost 60% forward personal emails to their professional ones
  • Almost half open attachments from unknown sources (49.4%) or click on links in emails from unknown sources (47.1%)

Mimecast says these bad practices result in more cybersecurity incidents across businesses, with three in four IT leaders witnessing cybersecurity issues once a month or more – more worryingly, 20% of them admit occurrences happen more than once a day. 

Email remains the first source of cybersecurity issues: 42% of IT leaders acknowledge most cybersecurity incidents start with an employee clicking on a malicious link in an email. As hackers become more sophisticated, 30% admit that these emails mimic an internal source, increasing the challenge to identify whether a source is legitimate or not for employees who may not have seen their colleagues since March. 

Cyberhygiene varies widely between divisions

To add to this constant headache for IT leaders, the level of cybersecurity awareness within the organisation varies widely between divisions – with the main culprits for poor cybersecurity hygiene often being the ones who manage the highest volume of emails. 

IT leaders rank risk and compliance as the most trustworthy division when it comes to cybersecurity, closely followed by the finance department. The latter has long been a hacker’s favourite target as one small mistake can provide access to the company’s financial information and result in a dip in revenue. 

While the guarantors of the company’s financial health are among the most vigilant when it comes to cybersecurity, those responsible for its reputation could use a refresher: IT leaders see marketing and communications as the worst offenders when it comes to bad cybersecurity practices, followed by design and HR & training. 

Many organisations had to implement large-scale remote working policies in a hurry to respond to the lockdown. Yet, IT leaders are confident this has helped their workforce to become more mindful of cybersecurity: eight out of ten believe their company will be better prepared to cope with disruption, and that employees within their organisation will have better cyber hygiene moving forward. 

Francis Gaffney, Director of Threat Analysis at Mimecast, said: “The COVID-19 pandemic has had a massive impact on businesses across the country, making it difficult for many to function as they usually would. With offices forced to close overnight, many workforces were working remotely for the first time. This obviously had major implications for cybersecurity, as IT had limited visibility into employee habits. This research is particularly worrying because it shows that UK employees are failing to follow basic cybersecurity best practises, which can have huge repercussions for businesses both financially and from a reputation perspective.  Now is the time to prioritise cyber hygiene awareness training to ensure employees returning to the office will be proficient in keeping the business secure.”

Image by Stefan Coders from Pixabay