Threat of cyber attacks on the rise for finance businesses

Internet usage has soared over the past ten years across different age brackets and across different sectors, unfortunately this also means cyber crime has increased. Financial companies in particular are naturally more susceptible as they hold the most important personal information and of course handle monies. Financial companies are being warned to be more vigilant than ever with their data protection and cyber security. Recent research conducted by data security company Clearswift has concluded that 70% of companies in the financial sector have experienced a cyber security incident in the last 12 months. The research found that almost 50% of the incidents reported were due to employees failing to follow security and data protection policies. 

The research surveyed senior business decision makers within enterprise financial organisations in the UK. This threat was more prominent for mid-sized companies with 3,000 to 4,999 employees. Further causes of cyber security incidents included the introduction of malware and viruses by third party devices such as USBs, file downloads and employees sharing data with unintended recipients.   

The finance sector is particularly at threat due to information dealt with and therefore businesses of any size in the industry need to be prepared for cyberattacks and data breaches.  With banking turning digital with the rise of FinTech and mobile banking, the industry is at risk more than ever.   

Though the financial sector appears at higher risk, this does not mean that businesses in other sectors should not be just as prepared.  The Hiscox Cyber Readiness Report 2019 surveyed organisations across the UK, US and Europe, including non-profit, business and public sectors. The survey found that 61% experienced a cyber incident in the last year, up from 45% the previous year. Most recently, in 2021, they reported that cybercrime had risen for the first time since 2018 as the amount firms were spending on cyber security soared. One year on, and attacks have intensified, but so too has recognition of the threat.

The National Cyber Security Centre offer useful guidance for companies regarding cyber security in its Cyber Security: Small Business Guide.  Following the advice in this guide will significantly increase your protection from the most common types of cyber crime. The 5 topics covered are easy to understand and cost little to implement. This guide can't guarantee protection from all types of cyber attack, but it does show how easy it can be to protect your organisation's data, assets, and reputation. The guidance covers themes such as backing up data, protecting your organisation from malware, keeping smartphones safe and avoiding phishing attacks. Although this guide focuses on advice for small businesses, it would not do any harm for larger businesses to take a look as the advice can be applied to businesses of all sizes. 

We've also put together some of the most important tips to follow in order to stay safe online.

13 Tips to Staying Safe Online

  1. Don’t share personal information.
  2. Keep any written notes locked away if not in use.
  3. Double-check and verify links.
  4. Use secure public Wi-Fi.
  5. Watch out for phishing and scams.
  6. Use a VPN.
  7. Only log into sites that start with https://.
  8. Be careful who you chat with.
  9. Turn off your Bluetooth.
  10. Use antivirus software and ensure it's kept up to date.
  11. Use secure, strong passwords.
  12. Be wary of what you download.
  13. Backup your data.

Further Advice and Guidance:

 

For sole traders and micro businesses

  • If you work for yourself or run a small firm with fewer than 10 employees, the Cyber Aware campaign offers six practical actions you can take to improve your cyber security.
  • You can also create a free personalised Cyber Action Plan to show you what steps to take.

For all small businesses

  • Small businesses of all sizes can benefit from using the National Cyber Security Centre’s (NCSC) Small Business Guide. This offers practical advice to protect your business online.
  • The guide includes a free personalised Cyber Action Plan to show you what steps to take.
  • For greater assurance and to demonstrate your commitment to cyber security, the Cyber Essentials scheme helps to guard against the most common cyber threats.
  • The Response and Recovery Guide helps small businesses prepare their response to and plan their recovery from a cyber incident.

Training and exercises

If your business employs staff, they can benefit from knowing how to protect your business and avoid online scams and fraud. Staying Safe Online: Top Tips for Staff is a totally free, easy-to-use training module which takes less than 30 minutes to complete. For more information on this training, please see the NCSC’s blog post about cyber security training for staff.

If you want to prepare for an incident, the Exercise in a Box is a free online tool to help organisations find out how resilient they are to cyber attacks and practise their response in a safe environment.

At Skipton Business Finance, we have strict policies in place to make sure our business and its clients are not victim to cybercrimes. All of our employees are trained in how to spot fraudulent activity online and what to do in the case of cyberattack. If you would like to find out more, please contact us at info@skiptonbf.co.uk.