Information security is a major driver of global change. Discover the statistics shaping the digital era and the steps you can take to bolster your defences
Security in the Digital Era
In the UK you are more likely to fall victim to a cyber crime than any other criminal offence. 68% of senior managers view computer security as a high priority, yet less than 1 in 10 companies operate a formal incident management plan.
Risk management is essential to computer security. Our solutions begin at ground-level by identifying opportunities for improvement to help you abandon traditional approaches and accelerate your security transformation.
- The internet was accessed almost daily by 78% of adults in Great Britain in 2015, compared to 35% in 2006.¹
- In 2015, 86% of households in Great Britain had access to the Internet, compared to 57% in 2006.¹
- Sending or receiving emails was the most common Internet activity in 2015, with almost 80% of Internet users going online for this purpose.¹
- Almost 60% of people surveyed used the Internet for online banking.¹
- 17% of adults who used the Internet in the past 12 months caught a virus or other computer infection. 52% made backups of their data.¹
- The consultancy and professional services sectors saw a greater proportion of information security breaches than any other sector surveyed.²
- 90% of large organisations and 74% of small businesses suffered a security breach in 2015. The average cost to a small business was between £75k to £311k, up from £65k – £115k in 2014.²
- 44% of organisations increased their information security spend from 2014-2015, with 46% of large and 7% of small organisations expecting to spend more over the next year.²
- Virus or other malicious software infection is the most common cause of security breach, closely followed by incidents cause by staff.²
- Insufficient priority placed on information security by senior management.²
- Inadvertent human error.²
- Lack of staff awareness.²
- Failure to follow a defined process.²
Business Responses to Increased Threats
- 39% stated they were not investing more in cyber security.²
- 34% chose to invest in new technical controls.²
- 26% invested in training for staff.²
- 24% invested in managed security services.²
Steps to Better Security
› Address the Basics
Download software updates, use strong passwords, delete suspicious emails, use antivirus software and train your staff. Often, the most basic protections are the most important.
› Adopt a Risk Management Approach
To protect your business from a breach, it’s important to understand the risks you face and what you can do to mitigate them. Start by outlining all areas of your network, your people, environment and your processes, then assign a risk level to each factor. Start with the highest risk item and create a list of actions to help mitigate that risk. Risk management should be an ongoing process that is continually updated and adjusted. The world never stands still, so why should you?
› Make Security a Priority
If you want to prevent a breach, security has to be on the top of your agenda – it should never be an afterthought. Outline your main security objectives and start including security in all relevant decisions you make as a business. Any new systems or users should be subject to rigorous testing and/or implementation procedures to prevent new holes from forming before you realise. Thorough information security training should be high on your new employee training agenda, and an integral part of any annual staff training given by your business.
› Develop Information Security Policies
Security policies will help you to define your approach, ensure you’re on track and provide a centralised framework that all your stakeholders can work from. A well-developed policy will account for all areas of your network and should offer detailed information about how different areas of your business should behave. Once you’ve got policies in place, make sure you enforce them stringently. This will prevent a culture of negligence from developing, which can often happen when no single person takes accountability for policy enforcement.
› Get the Right Support
If you lack the time or expertise required to protect your business, it’s time to outsource this function. We would highly recommend working with an information security firm who is experienced, skilled and able to provide for all aspects of security. It will be much easier to manage a single relationship & line of responsibility, rather than dealing with dozens of separate providers.
› Educate Your People
As outlined above, user error is a serious contributor to many information security breaches. Educate your staff and stakeholders about the importance of information security by sharing knowledge and raising awareness. Let them know what you’re doing to protect your business and explain why information security is so important to get right. It may be necessary to consider professional training if your users require a greater level of understanding or if you work in an industry like healthcare where security is of critical importance.
› Consider Certification
If you’re working in an industry where security is highly important, ISO 27001 certification can help you ensure all areas of your business are secure. The standard provides a framework of policies & procedures that will help you bring your business in line with global best practice. If certification isn’t for you, working with an ISO certified support provider may be the answer you’re looking for. See our awards & certifications.
› Lock Down Your Network
To prevent hackers entering your business, you need to close holes that may be present in your network. Treat your network as a physical building, and lock all doors and windows that could leave you open to attacks. Use complex passwords extensively and implement a reliable firewall. It’s also worth monitoring your network for any unauthorised traffic and/or users. Take a look at our 24/7 monitoring service for more information.
¹ Internet Access – Households and Individuals – Office for National Statistics. 2017. Internet Access – Households and Individuals – Office for National Statistics. [ONLINE] Available at: https://www.ons.gov.uk/peoplepopulationandcommunity/householdcharacteristics/homeinternetandsocialmediausage/bulletins/internetaccesshouseholdsandindividuals/2015-08-06. [Accessed 28 March 2017]. ² Gov.uk. 2017. Information security breaches survey 2015 – GOV.UK. [ONLINE] Available at: https://www.gov.uk/government/publications/information-security-breaches-survey-2015. [Accessed 28 March 2017]. ³ Gov.uk. 2017. Cyber security: advice for small businesses – GOV.UK. [ONLINE] Available at: https://www.gov.uk/government/publications/cyber-security-what-small-businesses-need-to-know. [Accessed 28 March 2017].
Promoting Security excellence
Explore how iQuda is helping organisations stay secure
Discover how we’re promoting security excellence through innovative solutions, service excellence and best-practice.
We deliver expert IT solutions to organisations throughout Hertfordshire, Bedfordshire, Buckinghamshire & London. Areas we currently support include Hemel Hempstead, Aylesbury, Chesham, Amersham, Dunstable, Berkhamsted, Tring, St Albans, Barnet, Watford, Kings Langley, Abbots Langley, Harpenden, Hatfield, Luton and the surrounding areas.
To enquire about our solutions, please contact us directly.