Free Cybersecurity Awareness Month 2024 pack

October is Cybersecurity Awareness Month, and we’re thrilled to announce the release of our new 2024 Free Cybersecurity Awareness Month Pack! 🎉

This pack will equip you and your team with resources to enhance your cybersecurity awareness throughout October and beyond. Here’s what you’ll find in the pack:

  • 4-minute video: An easy way to set the scene for the month with this video showcasing the importance of cybersecurity.
  • Cybersecurity Awareness Quick Wins Checklist: A handy guide to quickly bolster your cybersecurity defences with actionable tips and best practices.
  • Cybersecurity Awareness Month Desktop Wallpaper: Keep the importance of cybersecurity at the forefront of your mind with a stylish desktop wallpaper.
  • Email Footer Promoting Good Cyber Health: Easily add an email footer to your communications, spreading awareness about cybersecurity best practices.
  • Jargon-Busting A-Z: Decode all the buzzwords with this handy A-Z that can be shared with your staff.
  • Suggested Quiz: Bring a fun element to the month.
  • 4x Posters showcasing cyber issues: Print-your-own posters to provide talking points around the office.
  • 4x Email Templates: Effortlessly communicate the importance of cybersecurity to your team with our pre-designed email templates, discussing common social engineering techniques.
  • 4x Guides on Passwords, Onboarding, Phishing, and Remarkable Realities: Dive deep into crucial aspects of cybersecurity with our comprehensive yet approachable guides.

Ready to get started? Interact with the bot below to gain instant access now! 👇

Why Is Cybersecurity Awareness Month Needed?

Cybersecurity Awareness Month is fast approaching, bringing with it a series of essential educational events, growth opportunities, and industry gatherings. In today’s hyperconnected world cybersecurity has become critical to maintaining the safety and integrity of our data. 

Despite this, an alarming number of individuals and businesses remain unaware of basic cybersecurity practices, leaving them vulnerable to cyberattacks. 

Download our FREE Cybersecurity Awareness Month pack here.

The True Cost of Cyber Threats to Business

Cybercrime is one of the most expensive challenges businesses face today, with the cost of global damages projected to reach $6.4 trillion between 2024 and 2029, an increase of 69.41%.

High-profile cyberattacks on companies like Colonial Pipeline in the U.S. and British Airways in the UK underscore the massive financial risks. More recently, Ticketmaster experienced a significant data breach in July 2024, where the personal details of 560 million customers were leaked after hackers gained access by stealing login details from Snowflake, Ticketmaster’s cloud storage provider. Similarly, American Express fell victim to a cyberattack in March 2024, showcasing the widespread vulnerability of even the most well-established companies.

In the UK, the costs of cyberattacks are rising sharply. The UK Government’s Cyber Security Breaches Survey 2023 reported that 32% of UK businesses were targeted by cyberattacks in the previous 12 months. This number rose to 59% for medium-sized businesses, and an eye-watering 69% for large businesses. The cost for large corporations can easily escalate into millions, as seen in the £20 million fine imposed on British Airways in 2020 following their data breach.

The Rise in Cyber Threats

As technology evolves, naturally so do the threats. The number of cyberattacks has skyrocketed in recent years. In the UK alone, the National Cyber Security Centre (NCSC) handled almost 300 cyber incidents between 2022 and 2023, 28 of which were considered “NCSC-managed incidents”, and 18 of which were categorised as C3 and above. Globally, there were around 623.3 million ransomware attacks across 2021, with ransomware accounting for around a fifth of cybercrimes in 2022.

Sectors like healthcare and finance have been particularly affected: a recent attack on the NHS is said to have cost it 4,913 acute outpatient appointments, with 1,391 operations postponed. According to the stats, the average cost of a data breach in the healthcare industry can reach $9.77 million, causing serious long-term financial repercussions.

The Importance of Promoting Best Practices

Many of the most damaging cyber incidents stem from avoidable human errors, such as weak passwords, phishing scams, and failure to apply software updates. According to Verizon’s 2023 Data Breach Investigations Report, 74% of breaches involved a human element. In the UK, phishing remains the most common form of cybercrime, with 79% of UK businesses reporting incidents in the last year.

The Ticketmaster and American Express breaches serve as reminders of the importance of secure password management and strong access controls. Simple measures, such as using strong, unique passwords, enabling multi-factor authentication, and remaining vigilant against phishing attacks, can significantly reduce the risk of data breaches for individuals and businesses alike.

Closing the Knowledge Gap

One of the major challenges in cybersecurity is the widespread knowledge gap between IT professionals and the general public. A recent survey released by Proofpoint Inc showed that around a third of CISOs (Chief Information Security Officers) feel unprepared to cope with a targeted cyberattack.

With human error the most significant vulnerability to cybersecurity, understanding and education are more important than ever before. 

The Ticketmaster breach was, in part, a result of insufficient understanding of cloud security protocols, which highlights how critical it is for businesses to understand cybersecurity protocols. Cybersecurity Awareness Month aims to educate and empower people across all levels with accessible, up-to-date cybersecurity knowledge to reduce these vulnerabilities.

Adapting to the Changing Digital Landscape

As businesses increasingly rely on new technologies such as cloud computing, artificial intelligence, and the Internet of Things (IoT), they introduce new vulnerabilities. In 2024, the Ticketmaster breach underscored the potential risks of cloud storage if not properly secured. Similarly, the American Express cyberattack demonstrated that even financial institutions with robust defences can be susceptible to emerging threats.

Cybersecurity Awareness Month serves as a reminder of the need to stay informed about these changes. Whether it’s understanding the security risks of IoT devices or learning about new data privacy regulations like GDPR, businesses must adapt to the evolving digital landscape to stay secure.

Empowering Individuals to Act

At its core, Cybersecurity Awareness Month is about empowerment. It provides individuals with the knowledge and tools they need to protect themselves in an increasingly digital world. The campaign demystifies cybersecurity, making it more approachable for people from all backgrounds and skill levels. 

In the UK, initiatives led by the NCSC, such as the “Cyber Aware” campaign, complement Cybersecurity Awareness Month by offering practical advice and resources for businesses and the public.

By raising awareness, you can help individuals and businesses take proactive steps to reduce their risk and build a more resilient digital future: when it comes to cybersecurity, knowledge really is power.

Final Thoughts

Cybersecurity Awareness Month provides a platform for raising public and organisational awareness of these growing threats. By promoting a proactive approach, businesses can implement protective measures like incident response plans, stronger firewalls, and employee training programs to mitigate risk.

With cyber threats increasingly targeting both the U.S. and the UK—exemplified by the Ticketmaster and American Express breaches—this October is an opportunity for individuals and businesses alike to commit to learning, sharing, and adopting good cybersecurity habits that will benefit everyone throughout the year.

Don’t forget to download our FREE Cybersecurity Awareness Month pack.

When Giants Fall: Cyberattacks on the NHS and TfL Highlight Growing Threats

The importance of cybersecurity cannot be overstated; it’s an issue which impacts businesses of all shapes and sizes, and which can have devastating effects in terms of finances and reputation. While cyberattacks on small businesses and individuals often make headlines, some of the biggest organisations in the UK have also fallen victim to these dangerous threats, including two of the UK’s largest public sector organisations—Transport for London (TfL) and the National Health Service (NHS). We discuss what they’ve done to respond, and what this means for the future.

The Growing Threat of Cybersecurity Breaches

Cybersecurity is a critical issue across the globe, and the UK is no exception. With the increasing digitisation of services, organisations are handling more data than ever, making them prime targets for cybercriminals. According to recent reports, cyberattacks have surged across all sectors in the UK, with government institutions and healthcare organisations among the hardest hit.

The types of attacks faced by large organisations are often more sophisticated and damaging. Common threats include ransomware, phishing schemes, and DDoS (Distributed Denial of Service) attacks, all of which can disrupt operations and compromise sensitive data. Public sector organisations like TfL and the NHS are particularly vulnerable due to the essential services they provide and the sensitive information they hold.

Transport for London

Transport for London (TfL) recently made headlines for all the wrong reasons when they found themselves facing a cyberattack, and enlisted the help of the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC). Although TfL initially assured the public that no customer data had been compromised, it later appeared that a small number of customers may have been affected. Services were largely unaffected; however, concerns about the breach’s severity remained, resulting in TfL restricting access to its systems and advising staff to work remotely.

Cybersecurity experts, such as Adam Pilton from CyberSmart, suggested that continued changes to TfL’s internal systems indicated the attacker might still have had access to the network. Speculation surrounded potential perpetrators, with some pointing to previous attacks by Russian-linked groups, such as the Clop ransomware gang, which had targeted TfL the previous year, stealing personal data from around 13,000 individuals.

The National Crime Agency have since said a 17-year-old boy has been arrested in connection with the incident.

This cyberattack serves as a stark reminder of the critical importance of cybersecurity training. TfL’s swift response was commendable, but it highlights the need for organisations to equip their staff with the necessary knowledge and protocols to defend against evolving threats. With cyberattacks becoming increasingly sophisticated, businesses must invest in proactive cybersecurity measures to safeguard both their systems and customer data.

NHS

2024 also saw the NHS hit with yet another cyberattack, this time involving Synnovis, a major pathology services provider working in partnership with Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital. The breach impacted both internal operations and patient services, leading to some activities being cancelled or redirected as Synnovis prioritised urgent care. The impact was felt across a wide range of London boroughs, with areas such as Bexley, Southwark and Lambeth all reporting an effect on local GP practices and general NHS services.

Although an investigation involving the NHS, the National Cyber Security Centre and law enforcement is ongoing, the attackers reportedly released data they claimed to have stolen from Synnovis. The incident highlighted the vulnerability of healthcare infrastructure to cyber threats, stressing the importance of robust cybersecurity measures to protect sensitive medical data in a sector that is crucial to society.

The Bottom Line

As these attacks illustrate, cybersecurity is a concern that affects us all. It’s crucial for everyone within an organisation to be vigilant and proactive in maintaining safety and security across every aspect of their business. Regardless of the size of your budget or the sophistication of your security system, these incidents highlight that anyone can fall victim to a cyber attack—and the threat continues to grow.

To stay ahead of these evolving risks, investing in top-notch cybersecurity training is essential.

Bob’s Business offers reliable, trustworthy, and engaging cybersecurity training that equips you and your team with the knowledge to think critically before you click and to safeguard your business effectively. Don’t wait for an attack to highlight gaps in your security.

Contact Bob’s Business today to ensure your organisation remains secure for many years to come.

RegreSSHion: All You Need To Know

The world of cybersecurity is ever changing and evolving – and this also applies to the bugs and glitches that can cause devastation to your system if they slip through the cracks. One of the latest talking points on the topic is RegreSSHion, a family of security bugs with the potential to cause vulnerability and chaos for systems across the world. But just what is RegreSSHion, and how could it impact your business? We took a closer look.

What Is RegreSSHion?

Put simply, RegreSSHion refers to a series of security vulnerabilities identified within the OpenSSH software, hence the clever name. OpenSSH, short for Open Secure Shell, is a widely-used tool for secure communication over networks, enabling encrypted connections between client and server. It’s integral to numerous systems, making any vulnerabilities within it a major concern for cybersecurity.

The Risks

These bugs provide cybercriminals with the opportunity to remotely execute code on a target machine. Remote code execution (RCE) is one of the most severe forms of security vulnerabilities. It allows an attacker to run arbitrary code on a remote machine over a network. With RCE, attackers can potentially gain control over the affected system. This type of vulnerability can have devastating consequences, as it effectively provides the attacker with the ability to manipulate the system as if they were physically sitting in front of it.

Moreover, through these vulnerabilities, attackers can escalate their privileges to gain root access to the affected machine. Root access is the highest level of system permission, providing complete control over the system. When a cybercriminal gains root access, they can alter system configurations, access and manipulate all files, install and run malicious software, and erase any traces of their activity. This level of access poses a significant risk, as it can lead to complete system compromise and data theft, making it a critical concern for anyone using OpenSSH software.

Once attackers have gained such access, they are in a position to inflict extensive damage or conduct malicious activities. These activities can include data theft, system espionage, deploying ransomware, or using the compromised machine as a launchpad for further attacks on other systems or networks.

Long Term Risks For Businesses

RegreSSHion can have serious short-term consequences – but the long-term repercussions can also be devastating for businesses. Some of the most significant long-term issues may include:

Data Breaches and Loss of Sensitive Information

RegreSSHion can lead to unauthorised access and control over systems, which significantly increases the risk of data breaches. Cybercriminals can exploit these vulnerabilities to steal sensitive information such as customer data, intellectual property, financial records, and more. The long-term impact of a data breach can be devastating for a business, resulting in the loss of customer trust, legal repercussions, and costly data recovery efforts.

Damage to Reputation and Brand Trust

As noted, a security incident linked to the RegreSSHion bug can severely damage a business’s reputation. Customers and partners expect their data to be secure, and any failure to protect it can result in a loss of confidence in the company. Rebuilding trust and restoring a damaged brand image can be a long and challenging process, potentially leading to a loss of market share and revenue.

Financial Losses from Downtime and Recovery

Falling victim to RegreSSHion can lead to system disruptions, downtime, and the need for extensive recovery efforts. These incidents can halt business operations, leading to a significant loss of revenue. In addition, the costs associated with incident response, system repairs, legal fees, and potential fines for non-compliance can be substantial, impacting the financial stability of your business in the long term.

Intellectual Property Theft and Competitive Disadvantage

If attackers gain access to a company’s intellectual property, including trade secrets, research and development data, and proprietary technology, it can lead to a significant competitive disadvantage. Competitors or malicious actors could use this stolen information to develop similar products, undercut pricing, or enter the market with a competitive edge. Protecting intellectual property is crucial for maintaining a business’s market position and long-term viability.

How To Protect Your Business

As you can see, this is a bug that can have devastating consequences for businesses of all shapes and sizes, putting a serious dent in your finances, causing headaches over lost intellectual property, and damaging relationships with customers and suppliers. Fortunately, there are a few steps your business can take to help create a strong layer of protection, reducing the risk of your systems being targeted and infected.

Conduct Regular Software Updates and Patch Management

One of the most effective ways to protect your systems from vulnerabilities like RegreSSHion is to keep all software, including OpenSSH, up-to-date with the latest security patches. Regularly updating your systems ensures that you have the latest security features and fixes that address known vulnerabilities. Implement a robust patch management strategy to streamline this process and reduce the risk of exposure to security threats.

Implement Strong Access Controls

Ensure that your systems are configured with strong access controls. This includes using complex passwords, enabling multi-factor authentication (MFA), and limiting user privileges to the minimum necessary for their roles. By restricting access to sensitive systems and data, you can minimise the potential damage if a breach occurs.

Monitor and Audit System Activity

Regularly monitoring and auditing system activity can help you detect unusual behaviour that may indicate a security breach. Implementing tools and processes for real-time monitoring of system logs, network traffic, and user activities can provide early warning signs of potential threats and allow you to respond quickly, avoiding the worst of the damage.

Maintain a Comprehensive Incident Response Plan

Having a well-defined incident response plan is crucial for effectively managing and mitigating the impact of security incidents. Your plan should outline the steps to be taken in the event of a breach, including communication protocols, roles and responsibilities, and recovery procedures. Regularly review and update your plan to ensure it remains effective, and make sure that it is accessible to those who need it.

Invest in Cybersecurity Education and Awareness

Educating your employees about cybersecurity best practices is one of the most effective ways to prevent security breaches. Ensure that your team is aware of the latest threats, such as RegreSSHion, and understands how to recognise and respond to potential security risks. By fostering a culture of security awareness, you can empower your employees to act as the first line of defence against cyber threats.

Final Thoughts

RegreSSHion is a potentially devastating threat – but the good news is that you don’t have to be a victim. By implementing checks and tests, keeping access secure, and boosting your knowledge and understanding, you can ensure that you and your team are in the best possible position to protect yourself from RegreSSHion – as well as any other unwanted visitors who may try to infiltrate your system.

Business Continuity and Cybersecurity: Beyond the initial CrowdStrike disruption, what can we learn?

Friday 19th July started as a normal day for many businesses. The weather forecast was improving, and workers across the world were looking forward to a weekend of relaxation, socialising, and time to unwind. 

In truth, however, the end of the week was set to run anything but smoothly: just a few hours into Friday morning, airports, doctors, banks, businesses and stock exchanges around the world were in chaos. News reports showed queues of stranded passengers waiting for flights around the globe, businesses were struck dumb, unable to carry out simple processes, and millions of people found themselves at the mercy of a software update that was, ironically, designed to protect against hackers and minimise IT disruption. 

But just what happened in the CrowdStrike meltdown, and how can you protect your business if a similar event occurs in the future?

Who Are CrowdStrike?

To really understand the issue at hand, we first need to understand the name behind the headlines. CrowdStrike Holdings Inc is one of the largest providers of cybersecurity software in the world, focused on endpoint security, threat intelligence, and cyber attack response services.

The Flawed Update

The guilty party in this case was a tiny, seemingly harmless file, only large enough to hold a single web page image. In an example of size not being indicative of power, the file, ‘C-00000291*.sys’, was a small part of a larger update for CrowdStrike’s Falcon sensor product. Once loaded, the file triggered a critical error in the Microsoft Windows operating system, making affected devices unusable and producing the blue screen of death that is such a dreaded sight for Windows users.

The Impact on Businesses

The initial impact on businesses was immediately apparent: systems across the world were hit by the dreaded blue screen of death, and nothing could be done to clear the error. Financial consequences and a lack of productivity were the clearest casualties, but cybercriminals had already discovered a way to potentially make things a lot worse for desperate businesses.

Within hours of the CrowdStrike incident going public, a host of new domains appeared, each bearing the name ‘CrowdStrike’ and offering resolutions and support to those impacted by the chaos. Taking full advantage of the catastrophe, unscrupulous cybercriminals grabbed domains such as ‘crowdstriketoken[.]com’ and ‘crowdstrikefix[.]com’, reaching out to organisations under the guise of offering help. Their true agenda, however, was an elaborate phishing scam designed to obtain credentials and sensitive details, making an already devastating situation that much worse. In truth, the only fix for the error was to boot into Windows safe mode, delete the rogue file, and reboot – a much simpler solution, but one that would prove much less lucrative for would-be scammers.

The Next Steps For Businesses

The long-term consequences for CrowdStrike remain unclear, and are likely to include a landscape of financial penalties and legal action. The CEO, George Kurtz, has already pledged to fully investigate the incident and prevent repeat occurrences, stating that:

“Nothing is more important to me than the trust and confidence that our customers and partners have put into CrowdStrike. As we resolve this incident, you have my commitment to provide full transparency on how this occurred and steps we’re taking to prevent anything like this from happening again…We know that adversaries and bad actors will try to exploit events like this. I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike reps. Our blog and technical support will continue to be the official channels for the latest updates.”

For now, the key focus for many businesses is understanding the steps that can be taken to minimise the impact in the event of a future incident like this via their own business continuity processes.

Ensuring business continuity needs to be a key priority for organisations of all sizes and levels, and there are three main aspects to this:

  • Testing and Evaluation

Thorough evaluation, updating and testing of business continuity and disaster recovery plans must be a major focus of any business. This should include detailed analysis of the potential financial impact of an event such as the CrowdStrike incident, and a full back-up plan to help mitigate risk. Testing further extends to a change strategy: when rolling out major updates or upgrades, businesses should test on a subset of devices to ensure any deployed changes are operating as expected, so as to minimise any unplanned disruption should things go wrong.

  • Understanding Critical Infrastructure

A strong understanding of the dependencies and supply chains needed for critical infrastructure is also essential, and businesses need to work to secure the right protection through strong back-up plans, good insurance, and clear contractual terms. This includes raising the alarm immediately if there is a fear that an IT or security event has occurred, and reviewing regulatory reporting obligations if an incident does occur.

  • Maintaining Vigilant and Proactive Protection Strategies

Businesses also need to work to develop and implement vigilant and proactive protection strategies, which focus heavily on avoiding cybersecurity threats before they have the chance to cause a major incident. Vigilant monitoring and robust systems can help your organisation to stay ahead of the game, minimising the potential for serious harm or damage.

Final Thoughts

The CrowdStrike meltdown serves as a stark reminder of the vulnerabilities that even the most sophisticated systems can face. The incident, sparked by a seemingly insignificant file within a protective software update, caused widespread disruption across multiple sectors, highlighting the critical importance of robust business continuity measures. 

For businesses, the lessons are clear: business continuity plans should form part of your cybersecurity measures, because whether an incident is malicious or not, your business needs to be able to function as normal. Prioritise thorough testing and evaluation of disaster recovery plans, ensure a deep understanding of critical infrastructure dependencies, and maintain vigilant and proactive protection strategies. By learning from this incident and fortifying their defences, organisations can better navigate the complexities of the digital landscape and mitigate the impact of future cybersecurity threats.

How Bob’s Business can help your organisation

At Bob’s Business, we are the UK’s Most Trusted Cybersecurity Awareness Training provider, equipping organisations with the knowledge and skills needed to protect sensitive data and ensure business continuity.

In the face of escalating cyber threats in 2024, cybersecurity training is not just a precautionary measure; it’s imperative.

Empower your workforce with the knowledge and skills to prevent cyber threats and fortify your organisation’s defences today.

What is encryption & why does your organisation need it?

Encryption – it sounds like a tool only reserved for top-tier IT experts, right?

Don’t be fooled by its complexity; encryption is more accessible than you think, and might be an essential security tool for your organisation.

But what exactly is encryption, and why should you care about it?

Let’s break it down together.

What is encryption and why does it matter?

Encryption is like a secret code that scrambles your data into a format that is unreadable without the right key.

It’s like putting your information in a locked box before sending it.

So, even if hackers intercept your data, they won’t be able to decipher it without the key.

Encryption is essential for protecting sensitive data. Whether it’s your passwords, financial details, or personal messages, encryption ensures that only authorised parties can access and understand your information.

The benefits of encryption

Data protection: encryption protects your data from unauthorised access, preventing data breaches and unauthorised disclosure of sensitive information.

Compliance: many industry regulations and data protection laws, such as GDPR, require businesses to encrypt sensitive data. Using encryption can help you avoid potential fines or penalties for non-compliance.

Trust building: demonstrating a commitment to data security through encryption can build trust with your customers and partners and enhance the business’s reputation.

Intellectual property protection: Encryption helps to protect intellectual property, trade secrets, and private information from theft, protecting your competitive advantage.

Secure communication: Encryption ensures that communication channels, such as emails and messaging platforms, are secure from interception.

Overall, implementing encryption in your business can mitigate risks and demonstrate your commitment to protecting sensitive data and maintaining strong cybersecurity practices.

Types of encryption

Symmetric encryption

Symmetric encryption uses a single key for both encryption and decryption.

This means the same key is used to scramble and unscramble the data.

It’s like having a single key that locks and unlocks a door, making it efficient for encrypting large amounts of data quickly. One common example of symmetric encryption is the use of password-protected ZIP files.

Asymmetric encryption

Asymmetric encryption uses a pair of keys: a public key and a private key.

The public key is freely available and is used for encryption, while the private key is kept secret and is used for decryption.

This setup allows for secure communication without the need to share a secret key beforehand.

Asymmetric encryption can be used to help employees securely access company networks remotely via VPN, where data is encrypted with the server’s public key and can only be decrypted by the server’s private key.

Hashing

Hashing is a one-way encryption technique that converts data into a fixed-size string of characters, known as a hash value or digest.

Once data is hashed, it cannot be converted back to its original form, which is what makes it useful for password storage.

For example, when you create an account on a website and set a password, the website hashes your password before storing it in its database.

When you log in, the website hashes the password you provide and compares it to the stored hash to verify your identity without storing your actual password.
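The register-then-verify flow just described, written out as an added Python example (this is not code from the original post or from Bob’s Business). It uses only the standard library. The choice of PBKDF2-HMAC-SHA256, the iteration count, the salt length and the `pbkdf2_sha256$iterations$salt$digest` storage format are all assumptions made for this illustration; the post names no particular algorithm. The example also shows the practitioner’s caveat that a plain, unsalted hash lets two users with the same password share the same stored value, which a per-user random salt prevents.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

# Assumed parameters for this example; real deployments tune the iteration
# count to their hardware and use a well-maintained password-hashing library.
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 200_000
SALT_BYTES = 16


def naive_sha256(password: str) -> str:
    """The weak approach: an unsalted hash. Identical passwords produce
    identical digests, so a leaked table reveals which users share a password."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Registration step: derive a salted, slow hash and return it in a
    self-describing storable form: algorithm$iterations$salt_hex$digest_hex."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt per stored password
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS
    )
    return f"{ALGORITHM}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Login step: re-hash the supplied password with the stored salt and
    iteration count, then compare to the stored digest. The original
    password is never stored and never needed for this check."""
    try:
        algorithm, iterations, salt_hex, digest_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
        iterations = int(iterations)
    except ValueError:
        return False  # malformed record: fail closed
    if algorithm != ALGORITHM:
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations
    )
    # Constant-time comparison so timing does not leak how many bytes matched.
    return hmac.compare_digest(candidate, expected)


# A constructed in-memory "user database" standing in for the website's table.
USERS: Dict[str, str] = {}


def register(username: str, password: str) -> bool:
    """Store only the hash. Returns False if the username is already taken."""
    if username in USERS:
        return False
    USERS[username] = hash_password(password)
    return True


def login(username: str, password: str) -> bool:
    """Look up the stored hash and verify without ever reading a plaintext password."""
    stored = USERS.get(username)
    if stored is None:
        return False
    return verify_password(password, stored)


if __name__ == "__main__":
    register("alice", "correct horse battery staple")
    register("bob", "correct horse battery staple")
    print("alice login ok:", login("alice", "correct horse battery staple"))
    print("alice wrong pw:", login("alice", "wrong"))
    # Same password, different stored values thanks to the per-user salt.
    print("salted hashes differ:", USERS["alice"] != USERS["bob"])
    print("unsalted hashes equal:", naive_sha256("pw") == naive_sha256("pw"))
```

The stored record carries its own algorithm, iteration count and salt, so the verify step can still check old records after the parameters are raised for new registrations; that is the same pattern real password-hashing libraries use.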

How your business can implement encryption

Setting up encryption without an IT team doesn’t have to be daunting. Here are some easy ways to do it:

Email encryption

Use encrypted email services: many email providers offer built-in encryption features or plugins that enable you to encrypt emails easily.

This ensures that sensitive information shared via email, such as customer details or private data, remains protected.

Financial records encryption

The payroll department can benefit from encryption, particularly when it comes to securing financial records.

Encrypting sensitive financial data, such as bank account information, transaction details, and payroll records, adds an additional layer of security.

By using encryption software or tools for these records, you can prevent unauthorised access and protect your financial information from potential cyber threats.

File-level encryption

File-level encryption allows you to encrypt individual files or folders on your computer or server.

This means that even if someone gains unauthorised access to your device or network, they won’t be able to view the contents of encrypted files without the decryption key.

Full-disk encryption

Full-disk encryption encrypts the contents of your computer’s hard drive or storage device.

Most modern devices have built-in full-disk encryption features that you can easily enable in the settings.

This means that all the data stored on the device remains inaccessible even if the device is lost or stolen.

How Bob’s Business can help your organisation

At Bob’s Business, we are the UK’s Most Trusted Cybersecurity Awareness Training provider, equipping organisations with the knowledge and skills needed to protect sensitive data.

In the face of escalating cyber threats in 2024, cybersecurity training is not just a precautionary measure; it’s imperative.

Empower your workforce with the knowledge and skills to prevent cyber threats and fortify your organisation’s defences today. Interact with the bot below to discover our range of cyber solutions.

What you need to know from the Cyber Security Breaches Survey 2024

Every year, The Department for Science, Innovation and Technology (DSIT), in partnership with the Home Office, releases the findings from their annual Cyber Security Breaches Survey, with the results invariably informing cybersecurity discussion for the 12 months to follow.

This year, 2,000 UK businesses, 1,004 UK registered charities and 430 education institutions were consulted from 7 September 2023 to 19 January 2024. All of this is to say that when it comes to cybersecurity in the UK, there are no more authoritative sources from which to draw.

We’ve reviewed the 2024 survey numbers, pulled out some of the most notable findings, and separated them into categories for your reading pleasure. In this blog, we’ll be sharing those findings. Let’s get started.

Prevalence of cyber breaches and attacks:

  • Half of businesses (50%) and around a third of charities (32%) reported experiencing some form of cyber security breach or attack in the last 12 months. This was much higher for medium businesses (70%), large businesses (74%) and high-income charities with £500,000 or more in annual income (66%).

Types of breaches and attacks:

  • The most common type of breach or attack was phishing (84% of businesses and 83% of charities). To a much lesser extent, this was followed by others impersonating organisations in emails or online (35% of businesses and 37% of charities) and then viruses or other malware (17% of businesses and 14% of charities).

Costs of breaches and attacks:

  • Among those identifying any breaches or attacks, the survey estimates the single most disruptive breach from the last 12 months cost each business, of any size, an average of approximately £1,205. For medium and large businesses, this was approximately £10,830. For charities, it was approximately £460.

Cyber hygiene measures:

  • There have been slight increases in the deployment of cyber hygiene measures among businesses compared to 2023, such as using up-to-date malware protection (up from 76% to 83%), restricting admin rights (up from 67% to 73%), network firewalls (up from 66% to 75%) and agreed processes for phishing emails (up from 48% to 54%).

Risk management and supply chains:

  • 31% of businesses and 26% of charities had undertaken cyber security risk assessments in the last year, rising to 63% of medium businesses and 72% of large businesses.
  • 33% of businesses and 23% of charities deployed security monitoring tools, rising to 63% of medium businesses and 71% of large businesses.
  • 43% of businesses and 34% of charities reported being insured against cyber security risks, rising to 62% of medium businesses and 54% of large businesses.
  • 11% of businesses and 9% of charities said they review the risks posed by their immediate suppliers, with this being more common for medium businesses (28%) and large businesses (48%).

Board engagement and corporate governance:

  • 75% of businesses and more than six in 10 charities (63%) reported that cyber security is a high priority for their senior management. This proportion is higher among larger businesses (93% of medium businesses and 98% of large businesses, vs. 75% overall) and high-income charities (93% of those with income of £500,000 or more, vs. 63% overall).
  • Three in ten businesses and charities (both 30%) have board members or trustees explicitly responsible for cyber security as part of their job role, rising to 51% of medium businesses and 63% of large businesses.
  • 58% of medium businesses, 66% of large businesses, and 47% of high-income charities have a formal cyber security strategy.

Seeking external information and guidance:

  • Four in ten businesses (41%) and charities (39%) reported seeking information or guidance on cyber security from outside their organisation in the past year.
  • 39% of businesses and 32% of charities have taken action on 5 or more of the 10 Steps to Cyber Security, rising to 80% of medium businesses and 91% of large businesses.
  • 12% of businesses and 11% of charities are aware of the Cyber Essentials scheme, with awareness being higher among medium businesses (43%) and large businesses (59%).

Incident response:

  • 22% of businesses and 14% of charities have formal incident response plans in place, rising to 55% of medium businesses and 73% of large businesses.
  • 34% of businesses and 37% of charities reported their most disruptive breach outside their organisation.

Cyber crime:

  • The survey estimates that 22% of businesses and 14% of charities have experienced cyber crime in the last 12 months, rising to 45% of medium businesses, 58% of large businesses and 37% of high-income charities.
  • 3% of businesses and 1% of charities have been victims of fraud as a result of cybercrime, with the proportion being higher among large businesses (7%).
  • The survey estimates that UK businesses have experienced approximately 7.78 million cyber crimes of all types and approximately 116,000 non-phishing cyber crimes in the last 12 months. For UK charities, the estimate is approximately 924,000 cyber crimes of all types.

Sector differences in prioritisation:

  • Businesses in information and communications (65% a “very” high priority), finance and insurance (61% say it is a “very” high priority), and health, social care and social work (62% a “very” high priority) sectors tend to treat cyber security as a higher priority than others.
  • Unlike previous years, food and hospitality businesses now regard cyber security as a higher priority than businesses overall (72% vs. 75% of businesses overall).
  • Businesses in the agriculture sector tend to regard cyber security as a lower priority than those in other sectors (59% say it is a high priority, vs. 75% of businesses overall).

Regional differences in prioritisation:

  • In 2023, businesses in the South East tended to prioritise cyber security higher than the average UK business (80% said it is a high priority, vs. 71% overall).
  • In 2024, the region with the highest prioritisation on cyber security compared to total businesses is the North West (83% said it is a high priority, vs. 75% overall).

Roku data breach explained: Everything you need to know

Roku, a well-known streaming service offering access to platforms such as Netflix and Disney Plus, recently reported its second breach of 2024.

With two breaches occurring within just four months, questions are beginning to rise about the company’s security measures and reputation.

Let’s explore how such a major player in the streaming industry continues to struggle with their cybersecurity.

Let’s take a look inside…

On March 8th, Roku reported a cyberattack that affected around 15,000 users, and a month later on April 12th, a second incident was reported where 576,000 additional accounts were affected.

The second incident was discovered through the investigation of the first and the close monitoring that followed it.

Among the affected accounts, approximately 400 fell victim to hacker activity. Unauthorised purchases on the streaming service were made, although no sensitive information was compromised.

Roku promptly addressed the issue by issuing refunds to the hacked accounts.

According to Roku, the attackers in both incidents employed a technique known as credential stuffing, utilising stolen login credentials to gain unauthorised access to user accounts.

Roku stated ‘It’s possible third-party sources provided the login information’.

Additionally, the company highlighted the role of poor password hygiene among users, which could have contributed to the breaches.

In response to the breaches, Roku has implemented a forced password reset for all users, irrespective of whether they were directly affected by the breaches. Since then, Roku has also made two-factor authentication mandatory for all accounts.

What role did human error play in this breach?

This breach highlights the vulnerability stemming from human negligence towards cybersecurity.

The technique used, called credential stuffing, thrives on exploiting weak password practices overlooked by many users.

By reusing passwords or choosing weak ones, users inadvertently made it easier for attackers.

Users need to take ownership of their own cybersecurity, especially when trusting large companies, assumed to have strong security.

This incident shows that even big corporations can fall victim to cyber threats, emphasising the collective responsibility of everyone in strengthening cyber defences.

What is credential stuffing?

Credential stuffing is a type of cyberattack where hackers use stolen usernames and passwords from one source and try them on multiple websites or services.

It’s like trying a key that you stole from one door on many different doors, hoping it will unlock some of them.

This technique relies on the fact that many people reuse the same passwords for different accounts, making it easier for hackers to gain unauthorised access.

It’s a sneaky way for cybercriminals to break into accounts and potentially access sensitive information or carry out fraudulent activities.
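The pattern described here, one source trying stolen username and password pairs across many accounts, has a recognisable shape in authentication logs: many distinct usernames from a single source in a short window, almost all failing, with the occasional success where a reused password happened to work. The following is an added Python example, not code from this article or from Roku, that looks for that shape in a few constructed log lines; the log format, the IP addresses (taken from documentation ranges) and the thresholds are all assumptions made for the example. It separates stuffing from a single-account brute force and from an ordinary user who mistypes a password once, and it lists the accounts that opened inside a flagged window, which are the ones a forced password reset should start with.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List

# Constructed sample authentication log (not real data; addresses are from
# RFC 5737 documentation ranges). Three behaviours are mixed together:
#   203.0.113.7   - eight different usernames in a few seconds, seven failures
#                   and one success: credential stuffing.
#   198.51.100.23 - one source hammering a single account: brute force.
#   192.0.2.15    - a user who mistypes once and then logs in: benign.
SAMPLE_LOG = """\
2024-04-12T03:14:01Z src=203.0.113.7 user=alice result=FAIL
2024-04-12T03:14:02Z src=203.0.113.7 user=bob result=FAIL
2024-04-12T03:14:02Z src=203.0.113.7 user=carol result=FAIL
2024-04-12T03:14:03Z src=203.0.113.7 user=dave result=OK
2024-04-12T03:14:04Z src=203.0.113.7 user=erin result=FAIL
2024-04-12T03:14:05Z src=203.0.113.7 user=frank result=FAIL
2024-04-12T03:14:06Z src=203.0.113.7 user=grace result=FAIL
2024-04-12T03:14:07Z src=203.0.113.7 user=heidi result=FAIL
2024-04-12T03:20:00Z src=198.51.100.23 user=admin result=FAIL
2024-04-12T03:20:01Z src=198.51.100.23 user=admin result=FAIL
2024-04-12T03:20:02Z src=198.51.100.23 user=admin result=FAIL
2024-04-12T03:20:03Z src=198.51.100.23 user=admin result=FAIL
2024-04-12T03:20:04Z src=198.51.100.23 user=admin result=FAIL
2024-04-12T03:20:05Z src=198.51.100.23 user=admin result=FAIL
2024-04-12T03:30:10Z src=192.0.2.15 user=alice result=FAIL
2024-04-12T03:30:25Z src=192.0.2.15 user=alice result=OK
"""

# Assumed log format for this example: "<timestamp> src=<ip> user=<name> result=OK|FAIL".
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z) "
    r"src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$"
)


def parse_log(text: str) -> List[dict]:
    """Turn log lines into event dicts; lines that do not match the format are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "src": m["src"],
            "user": m["user"],
            "result": m["result"],
        })
    return events


def find_credential_stuffing(events: List[dict],
                             window: timedelta = timedelta(minutes=10),
                             min_users: int = 5,
                             min_failure_ratio: float = 0.8) -> Dict[str, dict]:
    """Flag sources that try at least `min_users` distinct accounts within `window`
    with mostly failed results. Returns one alert per source, for its worst window."""
    by_src: Dict[str, List[dict]] = defaultdict(list)
    for ev in events:
        by_src[ev["src"]].append(ev)

    alerts: Dict[str, dict] = {}
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        for i, first in enumerate(evs):
            # Every event from this one forward that falls inside the window.
            bucket = [e for e in evs[i:] if e["ts"] - first["ts"] <= window]
            users = {e["user"] for e in bucket}
            failures = sum(1 for e in bucket if e["result"] == "FAIL")
            if len(users) < min_users or failures / len(bucket) < min_failure_ratio:
                continue
            previous = alerts.get(src)
            if previous is None or len(users) > previous["distinct_users"]:
                alerts[src] = {
                    "window_start": first["ts"],
                    "attempts": len(bucket),
                    "distinct_users": len(users),
                    "failures": failures,
                    # Accounts that opened during the attack: reset these first.
                    "succeeded": sorted(e["user"] for e in bucket if e["result"] == "OK"),
                }
    return alerts


if __name__ == "__main__":
    for src, alert in find_credential_stuffing(parse_log(SAMPLE_LOG)).items():
        print(f"{src}: {alert['distinct_users']} accounts tried, "
              f"{alert['failures']}/{alert['attempts']} failed, "
              f"compromised: {alert['succeeded']}")
```

The brute-force source is deliberately not flagged by this rule, because one account under repeated attack is a different signal that belongs to a per-account lockout or rate-limit rule. Against real traffic the same aggregation is usually run per source network and per device fingerprint as well as per address, since stuffing tools rotate through many addresses to stay under per-IP thresholds.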

Strong password practices your organisation can implement to prevent credential stuffing

One of the most effective ways to mitigate the risk of breaches, such as the recent incidents experienced by Roku, is by enhancing password practices.

Here are some essential steps to take to strengthen password security:

  • Create unique and complex passwords for each online account. Avoid common phrases, predictable patterns, or easily guessable information such as birthdays or pet names.
  • Utilise passwords that are at least 12 characters long and include a combination of uppercase and lowercase letters, numbers, and special characters. Longer, more complex passwords are more difficult for attackers to crack.
  • Never use the same password across multiple accounts. Reusing passwords significantly increases the risk of credential stuffing attacks, as compromised credentials from one platform can be leveraged to access others.
  • Use reputable password managers to securely store and generate strong, unique passwords for each account. Password managers alleviate the burden of remembering multiple passwords while enhancing security.
  • Remember to regularly update passwords, ideally every three to six months, to reduce the likelihood of unauthorised access due to compromised credentials.
  • Enable two-factor authentication wherever possible. 2FA provides an additional layer of security by requiring users to verify their identity through a second method, such as a one-time code sent to their mobile device.

How Bob’s Business can help your organisation

At Bob’s Business, we understand the importance of strong cybersecurity measures in protecting your organisation against breaches.

Our comprehensive cyber courses are tailored to provide organisations with the knowledge and tools needed to mitigate cyber risks effectively.

Through engaging and informative training modules, we educate users on the importance of strong password practices, the dangers of credential-stuffing attacks, and the implementation of two-factor authentication.

Our platform equips users with practical skills to identify and respond to potential threats, fostering a culture of cybersecurity awareness and resilience within your organisation. Explore our range of courses here.

Why HR’s role in cyber risk management is growing

Many businesses make the mistake of thinking that cyberattacks only target bigger, higher-profile companies, simply because those stories garner news coverage.

The reality? Small businesses are the most at risk of attack.

Hackers look to take advantage of the smaller IT and training budgets to find vulnerabilities that can be used for financial gain.

This blog explores the increasing role of HR in cyber risk management in creating a stronger defence for organisations.

The role of HR in cybersecurity

While IT provides expertise in installing technical security solutions, such as antivirus and antimalware software, firewalls, and SSL certificates, HR is the expert in policies and people.

One of the biggest risks to an organisation’s cybersecurity is employee errors, both accidental mistakes and intended data security breaches.

A University study found that employee mistakes cause 88% of data breach incidents.

Therefore, HR has a significant role to play in developing a culture of employees who are cyber risk-averse and display the required behaviours to help keep the organisation protected from cyberattacks.

Why the role is growing

Historically, protecting IT systems was seen as a problem for the IT department, and HR would have minimal involvement in cyber risk management.

However, more organisations are realising that HR has a crucial role in helping them establish strong cyber risk management processes.

How HR can help develop a culture of cyber security

While IT teams diligently defend against digital threats, HR plays a vital role in ensuring the entire company is equipped to minimise errors and enhance cyber resilience.

By promoting a positive cyber culture, HR lightens the load on IT, reducing breaches, costs, and downtime.

  • Awareness and education: HR can drive cybersecurity awareness by conducting comprehensive training and providing access to webinars, ensuring all employees understand its importance.
  • Learning and adaptation: HR can facilitate regular workshops and upskilling opportunities in cybersecurity, enabling employees to adapt to evolving threats effectively.
  • Overcoming challenges: HR can address resistance to change by fostering open communication and transparency about cybersecurity, ensuring alignment with organisational objectives.

Read more here about how leaders can create a strong cybersecurity culture.

How HR can develop a high-quality cybersecurity risk management framework

Policies

HR should ensure that comprehensive company policies, such as those related to information security, social media use, and cybersecurity, are in place.

Although the IT team will have the main responsibility for writing policies that sit within their domain, HR should have a policy management process to ensure that policies are kept up to date and are easily accessed by employees – for example, published on the company intranet site.

Setting data and access controls

Another area HR can support cybersecurity in is by ensuring that access levels are appropriate.

Access to systems and data should be restricted so that only those who genuinely need particular data for their job responsibilities can access it.

Background checks

Internal fraud is a problem that can lead to data breaches and HR can implement strict screening processes when recruiting, such as background checks and references.

This can help to detect candidates who represent a higher risk to the organisation.

Training and regulatory compliance

HR is responsible for regulatory compliance, including mandatory training.

Traditional regulatory compliance training is not always effective for organisations seeking to increase employee knowledge and develop a culture of high cybersecurity awareness.

Remember, almost 90% of breaches start with simple human error!

Incident response planning

HR has a vital role in maintaining incident response plans. Working closely with IT and other departments, HR selects suitable individuals for key roles within the incident response team.

HR also oversees their actions to ensure they fulfil their duties effectively during incidents. This careful oversight ensures the response team is prepared to handle cybersecurity incidents as they occur.

How Bob’s Business can help your organisation

Bob’s Business is committed to ensuring not only the effectiveness of your IT defences but also the readiness of your employees.

We work closely with your HR team to identify organisational vulnerabilities and provide tailored courses that can be delivered to employees.

By leveraging our expertise and innovative approach, we empower organisations to navigate the complexities of cybersecurity with confidence.

With Bob’s Business by your side, you can effectively minimise errors, reduce breaches, and mitigate the impact of cyber incidents on your business operations.

The state of cybersecurity, Q1 2024 edition.

Q1 of 2024 is already behind us, and while the weather might be improving, the cybersecurity threat landscape certainly is not.

Rapidly advancing AI, evolving scams, and higher-than-usual staff turnover in many organisations have created a perfect storm for cybercriminals, resulting in major breaches and increased vulnerabilities.

At Bob’s Business, we partner with several companies to support organisations through those challenges, develop their security posture, and promote positive outcomes in all forms of cybersecurity challenges.

While we’re the experts on all things cybersecurity education, we’re proud of our partnerships, and so we’re opening the floor to just a handful of our trusted partners for their thoughts on The State of Cybersecurity. Let’s get to meet our panellists:

Meet the panellists


Simon Nicholls, UK VP of Sales at Keepnet Labs

Simon Nicholls is the UK VP of Sales at Keepnet Labs, a company transforming cybersecurity by prioritising the human element through a holistic platform that integrates cutting-edge technology, behavioural psychology, and nudge theory. Simon joined the business as the first VP of Sales and is helping to scale the EMEA operation from the ground up.


Rowan Sinclair, Founder & CEO at Nayaka Security

Rowan Sinclair is the founder and CEO of Nayaka Security, a next-gen security specialist that helps SMEs navigate the wild and wonderful landscape of cybersecurity. With a handpicked suite of leading cybersecurity tools and a focus on education and awareness, Nayaka Security empowers clients to proactively protect their digital assets, forging a secure future for businesses in the digital age.


Karl Greenfield, CEO at Pentest Cyber

Karl Greenfield has been involved in cybersecurity since the 1980s and has led many successful teams and task forces globally, most recently as CEO of Pentest Cyber Ltd; specialising in the provision of Cyber Essentials Plus and high-end penetration testing services, with a focus on providing “result-driven” objective testing services beyond “auto-scans” to a discerning international audience.


We asked them a series of questions about the state of the industry and what they think the future holds for cybersecurity.

What notable cybersecurity threats have emerged or evolved so far in 2024?


Simon: In a similar trend analysis to the Allianz Risk Barometer, we have seen the largest emerging risk in 2024 as mobile devices. Specifically, in this area, there has been an astronomical rise in attacks targeting employees’ MFA. Over a period of 90 days, Okta’s network logged approximately 113 million attacks targeting MFA. Email security is a well-developed space in cyber, but mobile device security has fallen behind, meaning it is the go-to attack vector for many hackers in 2024.


Rowan: Automated social engineering incorporating LLM (Large Language Models) via LinkedIn / Teams / Slack. However, traditional click-a-link phishing is still prevalent, with users consistently falling prey. In my inbox, in particular, I’ve noticed DocuSign, payroll, and faux-supplier phishing attempts.


Karl: The prevalence of AI-augmented techniques in everything including cybersecurity attack and defence can no longer be ignored. The persistence with which the commodity attacks can now be deployed means that any momentary drop in defences for e.g. patching or reconfiguration that would previously be well covered by “good luck alone” can now be enough to result in compromise.

What innovative approaches or strategies are being used to improve cybersecurity awareness and promote a security-conscious culture within organisations?


Simon: Behavioural-based learning is a key element of a solid human risk management strategy in 2024. A blanket approach to improving cybersecurity awareness isn’t sufficient. Our clients are specifically interested in tracking user behaviour across all known attack vectors and training the users that need it most with targeted and tailored training to their knowledge gaps.


Rowan: As the average staff age decreases (or we get older), the importance of shorter, bite-size content is important to trap attention spans. On-the-spot training with email security solutions like Tessian or Egress has also helped increase security awareness.


Karl: Blending several approaches together as a bespoke “force multiplier”. PTC’s “Cyber-Capability-As-A-Service” combines pen-testing with managed accreditation. Cyber Essentials Plus is a favourite since NCSC reported 50% uptake increase in a year. Add the need to build, maintain and monitor cybersecurity culture tailored to each environment. We use Bob’s Business’ strengths to convey subjects clearly, to the largest audience. Key to our needs is the integral automation of admin tasks, scheduling and deployment of learning opportunities against organisational deadlines.


How can organisations better prepare and adapt to the evolving cybersecurity landscape?


Simon: Knowledge is preparation. Immersing yourself in the new advancements in cybersecurity will help keep companies 1 step ahead. Attending well-respected events and a select number of webinars/round tables with topics that align with the overall security strategy is the best way to keep abreast of these developments in the most time-efficient way.


Rowan: Constant surveillance such as automated pen-testing solutions, rigorous IDAM, advanced inbound and outbound email security, and, of course, a fully managed user awareness training so IT teams don’t drop the ball on creating a security awareness culture.


Karl: Start by deploying basic defences such as those inherent in gaining “Cyber Essentials Plus”. “Work up” bespoke to your situation, either by your own organisation’s design or in consultation with an expert such as PTC. Remember no two networks are the same so you must tailor your approach to your unique circumstances. One size, and very rarely, one product seldom “fits all”.


What cybersecurity trends and challenges do you anticipate for the remainder of 2024 and beyond?


Simon: Consolidation is a real trend amongst CISOs. With more security tools than ever on the market, CISOs have the challenge of building a robust toolkit for their security teams without the need for them to log in to multiple different platforms every day to do their job effectively. Identifying top-class consolidated solutions to help resolve this issue and reduce overall security spend will be a challenge and trend this year.


Rowan: As a trend, more security for Kubernetes-based businesses and an increased number of solutions incorporating quantum-resistant algorithms. On the challenge side, security continues to be ROI deficient at an SME level meaning continued difficulty demonstrating its value to senior management until ultimately the organisation is hit by a data breach.


Karl: AI will continue to change things in ways that we can only presently imagine. High-skilled, experienced personnel will remain essential and will become even more scarcely available when needed. New geopolitical developments will continue as a vector for “baddies” to seek to exploit us. The good news is that by taking a structured and measured approach to deploying basic defences, we can continue to protect ourselves effectively.

Partner with Bob’s Business

Eight in ten businesses say that cybersecurity is a high priority for their management boards. Bob’s Business offers a range of solutions designed to reduce their risk of breaches by up to 74%.

With generous compensation, hands-on support and unique differentiation in the market, we’re the best choice for companies looking for a trusted partner within the cybersecurity education space.

Learn more and book in time for a partnership chat here.