Ian Hickling, national coordinator for Police CyberAlarm, talks us through his predictions for cyber trends this year. As we start a new year, it’s only natural to think about the year ahead. As a business owner or manager what are the challenges and opportunities ahead, how will we meet them and what will the latest advances in technology mean?

Relentless Progress

The only constant in technology is change. We cannot fail to spot this in our daily lives as technology becomes part of everything we do. Shopping and paying for goods with a smartphone, making online payments, managing banking accounts and accessing services all done at the touch of a button or screen. The rapid growth in remote working and online meetings, accelerated during Covid, dramatically changed our personal and professional lives. The challenges and opportunities have rapidly been met as organisations quickly adapted to this new reality. Yet the need to provide online portals and remote access for employees, customers and suppliers has also massively increased the ‘attack surface’ of an organisation.

Increased Vulnerability

The opportunities for criminal activity have rapidly increased. Larger organisations have invested heavily in securing their digital real estate, yet still routinely experience multiple attempts to breach their defences daily. Cybercriminals now look to attack bigger businesses through their partners and suppliers and there are several instances where large organisations have been exposed through weaknesses in their supply chain. Smaller organisations have also mistakenly believed they are too small or not valuable enough for cybercriminals to attack them and the cost of implementing adequate cyber security is seen as prohibitive. As a result, they are often the least protected.

Growth in Cybercrime

A recent report from the Federation of Small Businesses (FSB) stated that 72% of SMEs have experienced cybercrime in the last two years. With only a fraction of fraud and cybercrime offences being reported to the authorities, (fewer than one in seven) according to estimates compiled by the Office for National Statistics (ONS), it is very difficult to measure the true volume. The barriers to entry for cybercriminals keep getting lower all the time. If a criminal wants to hit an organisation with a denial-of-service (DoS) attack they can hire in the skills by the hour. (A DoS attack occurs when a hacker makes it impossible for users to access their computer systems, flooding web servers, systems or networks with traffic that overwhelms the victim's resources and makes it difficult or impossible for anyone else to access them.)

New Technology

Is AI a game changer, an opportunity or a potential nightmare for businesses? AI has already been used to improve the quality of phishing emails, will it be possible to fool facial or voice recognition security systems? AI could have the potential to create a seismic shift in the way we implement cyber security, being used, and available, to spot cyberattack attempts and build better security. Yet, the big issue here for the tech companies will be trust and accountability, is AI reliable enough to protect your organisation?

Protecting Against the Growing Threat

Cyber security for any organisation is not just about the most secure technology, it requires robust secure processes and for its people to be cyber aware. The ‘human firewall’ is often the last line of defence and protects against social engineering or sophisticated phishing emails that attempt to fool people into making decisions that will harm the company. Many smaller organisations will be looking for cost effective ways to increase their cyber security stance. The National Cyber Security Centre (NCSC) and UK policing have invested heavily in providing many free tools and services for organisations to help them become more secure.

Police CyberAlarm

Police CyberAlarm is a free tool that organisations can use to monitor their cyber security, report suspicious activity and receive regular reports on what is attacking them. Its members are helping law enforcement to monitor the growth by automatically reporting all the suspicious cyber activity directed at their organisation. Collecting and sharing this sort of information helps identify sources of suspicious activity and informs the cyber security advice offered by police.

Police Cyber Teams

Every local police force has specially trained Cyber Protect Officers who can provide guidance to organisations on how to protect against attacks, prepare for an incident to make recovery easier. They support those who have been victims to ward off further attacks.

Cyber Resilience Centres

The national network of Cyber Resilience Centres (CRCs) is a partnership between policing, the Home Office, Industry and Academia. They help small businesses in their region to understand the threat and how to access the right kind of support, whether you’re a charity, sole trader, micro, small or medium sized business.

Register today if you would like to become part of Police CyberAlarm or find out more about receiving regular security updates and reports to help you gain a better understanding of current threats. To find your regional Cyber Resilience Centre go to - https://nationalcrcgroup.co.uk/regional-centres/