Organisations such as accounting firms, law firms, healthcare organisations are particularly attractive targets for cyber criminals since they hold vast quantities of highly confidential data. This makes it especially important that they take every possible step to be cyber aware and cyber resilient.
We’ve written about penetration (pen) testing in a previous blog post whereby an organisation delibebrately engages in hacking activities to identify vulnerable points in their systems and practices.
One of the UK’s biggest NHS trusts, the Leeds Teaching Hospitals NHS Trust, recently undertook a cyber security exercise to test its staff’s responsiveness to phishing and spearphishing attacks.
According to a report to its audit committee, the trust sent a fake phishing email to its 17,000 staff to see how many of them would fail to realise they were being phished and consequently confidential information. Some 2.3% (400 staff members) responded, revealing confidential information such as passwords and network credentials. This is s mal percentage but 400 staff members equates to a lot of data that a cyber criminal would be able to access.
Ransomware is a massive cyber security concern for many businesses with the risk of an attack escalating – according to a according to a recent Payment Card Industry Security Standards Council (PCI SSC) guide there has been a 600% growth in new ransomware since December 2015. The report sys that ransomware crime cost businesses an estimated $1 billion (approximately £800 million) last year.
Given that many cyber criminals are after money, accessing payment card information is a direct route to their goal which makes ransomware particularly distrubing for any business storing, transmitting or processing payment card data. Unsurprisingly point-of-sale (PoS) systems are a common target.
What can YOUR firm do to be less vulnerable to attacks?
- Conduct a Full security audit
- Have Cyber Essentials or Cyber Essentials Plus
- Develop a cyber security strategy
- Have cyber security policies
- Develop and deliver a staff awareness programme
All of these are considerable work and require a high level of knowledge and expertise, Most firms do one of two things – either they don’t bother or they outsource to an external firm. Alchemy Systems can help you with any or all of them and more besides.
Alchemy Systems have 20 years of IT systems experience and are a Microsoft Partner. Alchemy Systems Designs, Supplies, Installs, Supports and Protects clients’ IT systems. Tel. 0330-043-080198 Email. [email protected]