Your July Cybersecurity Roundup: Here’s What You Need To Know

The last month has been packed with key cybersecurity updates that should make every business, big or small, take notice.

From new government plans to (even more) high-profile cyber-attacks, here’s the lowdown on what’s happening and what it means for you.

The UK Government’s Cyber Push: More Money, More Focus

The UK government’s getting serious about cyber security, with a few major developments aimed at strengthening the sector:

• Cyber Growth Action Plan: The government launched a new action plan to boost the UK’s £13.2 billion cyber industry back in June. They’re now pouring in £16 million to back new cyber businesses and research. It’s all part of making the UK a global cyber leader.
• Cyber Essentials Expansion: A major push is underway to expand the Cyber Essentials scheme, especially for businesses in the Professional and Business Services (PBS) sector. This will help improve basic security for smaller businesses, making sure they’re not sitting ducks for cyber criminals.
• Culture Change in Cyber Security: The National Cyber Security Centre (NCSC) has put out new guidelines to help businesses develop a culture where cyber security is everyone’s responsibility and embedded in company culture.
• Data Protection Overhaul: The Data (Use and Access) Bill has been passed, setting up Smart Data schemes for more secure, standardised data sharing. However, there’s some worry that this could cause problems for creators and businesses around intellectual property, especially with AI training.

More Cyber Attacks Hit The Retail Sector

The retail sector has had a rough six months, with several big brands targeted by cyber criminals:

• Co-Op loses customer data: Co-op boss Shirine Khoury-Haq confirms all 6.5 million of its members had data stolen in recent cyber attack
• More Attacks: It wasn’t just the Co-op or M&S, either. Adidas, The North Face, and Cartier all had their own cyber incidents. While not as large-scale, it’s clear that no business is safe. If your brand is high-profile, you’re even more likely to be on the radar.
• Morrisons and Supply Chain Security: Morrisons is still feeling the effects of a breach at Blue Yonder, their warehouse management provider. This shows just how important it is to keep a close eye on your entire supply chain. One weak link can cause serious disruption.

The Public Sector Isn’t Safe Either

It’s not just the private sector that’s feeling the heat. The public sector has had its fair share of cybersecurity headaches too:

• HMRC Fraud: HMRC was duped out of £49 million by cyber criminals who used stolen personal data to create fake tax accounts. While this wasn’t a direct hack of HMRC’s systems, it shows how vital it is to protect personal data from falling into the wrong hands.
• Lost Government Devices: Over £1 million worth of tech has gone missing from UK government departments in the last year. That’s around 2,000 devices, which is worrying, to put it lightly. It’s easy for devices to be lost or stolen, but at the very least, they need to be encrypted and remotely wiped if they go missing.
• Winter Fuel Payment Scams: With the changes to winter fuel payments, phishing attacks are already on the rise, targeting vulnerable individuals. If you get an email or call about it, be suspicious. This is a classic scam to steal personal details.

What You Can Do to Stay Secure

With threats evolving by the day, it’s never been more important to take cyber security seriously. Here’s what businesses can do to protect themselves:

• Keep your defences updated: Cyber threats evolve quickly, so make sure your defences are up to date.
• Lock down your cyber insurance: Don’t just have a policy. Make sure the right people have access and its included in your Business Continuity, Operational Resiliency and Disaster Recovery policies.
• Train your team: Make sure your staff know how to spot phishing emails and other social engineering tricks.
• Protect your devices: Encrypt all mobile and remote devices, and make sure you can remotely wipe them if lost or stolen, using the correct MDM and MAM policies.
• Check your supply chain: Regularly review the security practices of your third-party partners to make sure they’re up to scratch.

Cyber security is a moving target but, whether you like it or not, staying on top of the latest threats and trends is the best way to keep your business safe.

No one’s immune, but you can stay ahead as much as possible by being proactive and keeping your data locked down.