New report from the Government’s Cyber Aware campaign identifies a ‘perception gap’ which is putting UK businesses and the public at risk online
A new report from the Government’s Cyber Aware campaign, identifies not only the growing gulf between how the public and small businesses view cybercrime and the reality of the threat but the impact this is having on UK’s SMEs with the average cost of a single breach reaching ranging from £1,570 to £19,600.
Recognising that we will have most impact if we work together to bridge this dangerous perception gap, the Government is using the report to call for the SME business community to speak with ‘one voice’ when it comes to educating the public on cyber security as information overload and contradictory advice threatens to leave SMEs confused about where to start.
The new report identifies three key misconceptions common across businesses and the public – from the idea that cyber crime isn’t ‘real crime’ to the belief that there’s nothing anyone can do to stop it – all of which, according to Cyber Aware, is leading to the threat being underestimated, particularly in light of the latest data on cyber crime.
Last year there were 1.6 million victims of bank and credit account fraud who experienced a financial loss, and 1 in 8 of these was not fully reimbursed. Further still, there were 1.2 million victims of computer misuse offences, meaning the average person is roughly 11 times more likely to fall victim to computer misuse than a robbery. Between October 2016 and September 2017, the Crime Survey for England and Wales recorded 1.5 million computer misuse offences including malware attacks and hacking.
According to Cyber Aware, the report evidences and summarises three key misconceptions leading to a ‘perceptions gap’:
- The belief that cyber crime isn’t ‘real crime’ – with 6.4 per cent of computer misuse offences reported to the police and more than half of business that have experienced a cyber breach failing to report it outside their organisation – it is real and very much a threat.
- The belief that cyber crime isn’t ‘something I need to be concerned about’ – only 31 per cent of companies say that cyber security is a very high priority for their senior management, while 72 per cent of consumers believe it is the responsibility of companies to provide them with the tools they need to protect their privacy, security and reputation online. Cyber Crime can affect any organisation with 46 per cent of all businesses identifying at least one cyber security breach or attack in 2016.
- The belief there is nothing they can do to protect themselves – just 7 per cent of micro-firms have incident management processes in place to deal with cyber security breaches and, amongst consumers, under half of individuals take simple steps like always or often downloading the latest software. In reality there are quick, simple and cost effective measures SMEs can take to protect themselves.
Cyber Aware is encouraging businesses of all sizes to play their part in educating staff and customers about online risks and the simple things that can be done to help guard against them, working closely with the National Cyber Security Centre (NCSC) to ensure the most up-to-date and effective advice is shared..
According to Cyber Aware and the NCSC, taking simple steps – such as using a strong and separate password for your email and always installing the latest software and app updates – is key.
The launch of the report also coincides with the publication of the National Cyber Security Centre’s Small Charity guide to help protect small charities from cyber threats – outlining 5 simple steps all charities can take to protect themselves online.
The Minister for Security and Economic Crime, Ben Wallace, said: “Cyber crime has been identified as one of the biggest criminal threats to British business and I am determined to help our businesses disrupt this illegal activity and protect the public.
“The Government is already taking world-leading action to tackle the threat of cyber crime and is investing £1.9 billion to bolster our cyber security.
“Raising cyber awareness is important if we are to take advantage of investment in capability currently taking place by both the public and private sector.”