Sign Up for our Free Newsletter
menu
Solicitors Journal Homepage
Quotation Marks

“Business leaders must therefore invest in their team’s education to best ensure the organisation is kept safe from cybercriminals...”

Combatting rising cyberattacks: more should be done

Mon May 09 2022Business
Combatting rising cyberattacks: more should be done

Craig Lurey argues a proficient IT team and technology will help prevent cyberattacks

While many have suffered from cyberattacks, businesses within the UK professional services industry are among the worst affected, each hit by an average of 62 cyberattacks over the last 12 months – far above the UK-wide average of 44 per organisation. 

With businesses expecting the number of attacks to increase in the coming years, it’s up to leaders to act now, so they can protect their organisations from being compromised in the future.

Upskill your team 

A proficient IT team is always in a better position to deal with cyberthreats, as skilled employees are capable of making the most of the technology they have at their disposal and adapting to the ever-changing attacks that are launched by cybergangs. However, according to research, IT teams within the UK professional services sector currently lack the necessary skills to defend their businesses. Two-thirds of industry IT decision makers agree that a shortage of skilled workers is having a negative impact on cybersecurity within their organisation.

The skills shortage unfortunately does not stop at IT professionals; employees throughout the entire UK professional services workforce are unaware their own day-to-day habits pose a huge threat to their company, and over three-quarters of IT leaders within the professional services industry believe more needs to be done to educate employees on cybersecurity best practices. 

Business leaders must therefore invest in their team’s education to best ensure the organisation is kept safe from cybercriminals. For IT-specific workers, this means implementing a tailored skill development plan which corresponds to the size of the business, the technology it uses and the risk level the company is facing.

For all other employees across the organisation, it is crucial they are offered comprehensive cybersecurity training that covers best practice within the workplace, such as keeping hardware and software up to date, understanding phishing attempts and company protocol in case of a breach. 

Cybersecurity training should also include an overview of password hygiene; globally, password security issues account for over 80 per cent of all data breaches, so encouraging employees to practise good password hygiene can be incredibly effective in strengthening a business’s cybersecurity defences.

However, good password hygiene doesn’t have to be tedious. These days, it can be facilitated by the introduction of password management software, which simplifies the process by generating unique login credentials and encrypting them – along with any other sensitive data – within a secure digital vault. Employees no longer need to remember hundreds of passwords, and IT can have visibility and control over the use of passwords and other secrets.

External support

Password managers empower each individual to take cybersecurity into their own hands; this is the direction in which the industry is moving. We can no longer view cybersecurity as an issue that can be solved by one person or even a dedicated team; it is instead the responsibility of each and every individual.

Presently, IT leaders within the UK professional services industry are considered the sole guardians of their organisation, put under pressure to resolve each and every cybersecurity issue. Almost half of all IT decision makers within the industry have kept a cybersecurity attack affecting their organisation to themselves, hesitant to reveal the truth and ask for help, for fear of being let go. 

Aware of the dangers this lack of transparency can present, IT leaders are therefore calling for support from a member of the board to be dedicated specifically to the cyber-welfare of the business. This would offer IT leaders a certain level of security and allow businesses to oversee how the entire business behaves when it comes to cybersecurity.

The introduction of an ‘Ofcom’ of cybersecurity, for which a large majority of IT leaders have also indicated their support, would also help to enforce this. The body would provide external oversight and hold businesses accountable for their security policies, so that IT professionals no longer become the scapegoat for a business’s lack of proactivity.

By ensuring formal cybersecurity training sits at the top of the priority list, each employee can become more responsible for the security of the company and ultimately assist IT leaders in protecting their organisation. 

Craig Lurey is CTO and co-founder of Keeper Security keepersecurity.com

 

 

AdvertisementAdvertisementAdvertisementAdvertisementAdvertisementAdvertisement
Latest News

Asylum seekers stranded on Diego Garcia win challenge against return to Sri Lanka

Wed Sep 27 2023

UN and coalition of NGOs write to Unilever to voice deep concern regarding victims of violence at Unilever tea plantation

Tue Sep 26 2023

Live Facial Recognition: How to Stay Within the Law

Tue Sep 26 2023

Ethics Institute launches taskforce to examine legal services to oligarchs and kleptocrats

Mon Sep 25 2023

Legal Departments See Higher Matter Volumes but Flat or Declining Budgets: Thomson Reuters 2023 Legal Department Operations Index

Mon Sep 25 2023

More Than 200 Employers Named And Shamed For Failing To Pay National Minimum Wage

Mon Sep 25 2023

Browne Jacobson collaborates with LGiU on report highlighting “critical” role of local government to hit net zero

Fri Sep 22 2023

BSB publishes new guidance on barristers’ conduct in non-professional life and on social media

Fri Sep 22 2023

The Chancery Lane Project expands to the USA

Thu Sep 21 2023
FeaturedJustice delayed as thousands of cases wait more than two years to be heard
Justice delayed as thousands of cases wait more than two years to be heard
NewsThu Sep 28 2023
Justice delayed as thousands of cases wait more than two years to be heard
Figures published today (28 September) for the backlogs in the Crown and magistrates’ courts show more than 400,000 cases remain outstanding at the end of June this year, with a record high in the Crown Court.*
Solicitors warned over immigration services
Solicitors warned over immigration services
NewsThu Sep 28 2023
Solicitors warned over immigration services
The Solicitors Regulation Authority (SRA) has issued a warning notice to solicitors and law firms reminding them of the rules and requirements they must adhere to when providing immigration services to clients.
The Pre-Action Protocol review final report – full steam ahead?
The Pre-Action Protocol review final report – full steam ahead?
OpinionThu Sep 28 2023
The Pre-Action Protocol review final report – full steam ahead?
Tony Guise examines part one of the Civil Justice Council's report on how to improve the pre-action civil justice system.
New report highlights the transformative effects of domestic abuse training on family lawyers
New report highlights the transformative effects of domestic abuse training on family lawyers
NewsWed Sep 27 2023
New report highlights the transformative effects of domestic abuse training on family lawyers
Following Ministry of Justice Family Harm Panel recommendations, SafeLives calls for specialist training to be embedded across the family court system
SJ Interview: Hannah Ambrose
SJ Interview: Hannah Ambrose
SJ InterviewMon Sep 25 2023
SJ Interview: Hannah Ambrose
Hannah Ambrose is an international arbitration partner at Herbert Smith Freehills. She talks to Solicitors Journal about her practice and the Law Commission's recent proposals to update the Arbitration Act 1996.
Whose human rights are more important, yours or mine?
Whose human rights are more important, yours or mine?
ForewordFri Sep 08 2023
Whose human rights are more important, yours or mine?

Under the law, should your right to express your opinion – be it on politics, the environment, abortion, or anything else – trump my right to go about my business unhindered, whether or not I happen to agree with your opinion?