This month, close to 40 countries around the world will be taking part in some sort of Cyber Security Month initiative.
Between October 1 and 31st more than 370 talks, workshops, and events ranging from scavenger hunts and ‘Hollywood-style’ video screenings to virtual games and security improv sessions will take place globally.
The theme for European Cyber Security Month is ‘Cyber security is a shared responsibility’, aiming to highlight the fact that cybersecurity requires input from governments, businesses, and individuals.
The motto of National Cyber Security Month in the USA, meanwhile, is ‘Do your part, be cyber smart’.
Throughout the month, the organisers of NCSAM will be emphasising the idea of ‘If you connect it, protect it’.
In the next few weeks, you’ll be able to find articles on all sorts of cyber security topics – from WordPress security to cyber hygiene – on the tsoHost blog.
To get us started, in this post we’ll focus on why taking notice and acting on the advice of Cyber Security Month has never been so important.
The cyber security landscape pre-pandemic
2019 was a year of data breaches. One report suggested that 3,813 breaches – exposing a massive 4.1 billion records – were reported in the first six months of the year alone.
In its Cyber Security Breaches Survey 2019, the Department for Digital, Culture, Media and Sport revealed that 20 per cent of UK businesses had identified breaches or attacks at some point in 2019 – with this percentage rising to 61 per cent for large businesses.
High profile attacks in 2019 included two denial of service attacks against the Labour Party and an attack that caused the government of New Orleans to declare a state of emergency.
However, despite the prevalence and viciousness of attacks taking place in 2019, research suggests that only 33 per cent of companies had cyber security policies in place.
How Covid-19 has impacted cyber security
The Deloitte Cyber Intelligence Centre recently discovered that there has been a spike in phishing attacks, malspams and ransomware attacks since the start of the Covid-19 pandemic.
The centre explains that the reasons for this spike include the following:
• The increased security risk associated with increased remote working/learning
• Impaired functioning of security teams due to the pandemic
• Economic issues forcing people into cyber crime
• Company downsizing that may impact companies’ cyber security posture
• Businesses contingency plans that didn’t plan for a pandemic
Interpol has also reported an increase in cybercrime during the Covid-19 pandemic. In a statement, the international organisation explained:
‘In one four-month period (January to April) some 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs – all related to COVID-19 – were detected by one of INTERPOL’s private sector partners.’
Some of the UK’s most recognisable companies have fallen victim to cyber criminals in 2020. In May EasyJet admitted that a ‘highly sophisticated cyber-attack’ had affected approximately nine million customers.
The airline explained that email addresses and travel details had been stolen and that 2,208 customers had also had their credit and debit card details “accessed”.
The 2021 forecast
Cyber security company RiskIQ is predicting that cyber criminals will cost the world $11.4 million every minute by 2021.
Coining the term ’The Evil Internet Minute’, RiskIQ also suggests that in 2021, a UK business will become the target of a cyber-attack every minute.
Interpol has also warned that cybercrime looks set to rise further in 2021.
It said: “Vulnerabilities related to working from home and the potential for increased financial benefit will see cybercriminals continue to ramp up their activities and develop more advanced and sophisticated modi operandi.
“Threat actors are likely to continue proliferating coronavirus-themed online scams and phishing campaigns to leverage public concern about the pandemic.
“Business Email Compromise schemes will also likely surge due to the economic downturn and shift in the business landscape, generating new opportunities for criminal activities.”
Despite, these sorts of predictions, many companies believe that their budgets for cyber security are going to be slashed in 2021.
A report by McKinsey suggested that 70 per cent of chief information security officers believed their budgets would be cut in 2021 – with the biggest cuts expected amongst small consumer and retail businesses.
While we’ll be posting more security-focused articles on the blog in the coming weeks, here are a few links to blogs you can read right now…