This guide has been produced to help small businesses protect themselves from the most common cyber attacks. If you’re a small or medium-sized enterprise (SME) then there’s around a 1 in 2 chance that you’ll experience a cyber security breach. For micro / small businesses, that could result in costs of around £900.

Following the advice in this guide will significantly increase your protection from the most common types of cybercrime. The 5 topics covered are easy to understand and cost little to implement.

(more…)

The Cyber Security Skills in the UK Labour Market 2021 report explores the nature and extent of cyber security skills gaps (people lacking appropriate skills), skills shortages (a lack of people available to work in cyber security job roles) and job vacancies in the UK.

The research uses a mixture of:

• Representative surveys with cyber sector businesses and the wider population of UK organisations (businesses, charities and public sector organisations – with a focus on businesses)
• Qualitative research with training providers, cyber firms and large organisations in various sectors
• A secondary analysis of cyber security job postings using the Burning Glass Technologies database.

Click to download

The Cyber Security Breaches Survey is an official statistic. Since 2016, it has measured how UK organisations approach cyber security, and the impact of breaches and attacks. This infographic shows the key findings for UK businesses.
Despite COVID-19, cyber security remains a priority among management boards.77% of businesses say that cyber security is a high priority for their directors or senior managers (vs. 69% in 2016).

Phishing is the most commonly identified cyber attack. Among the 39% identifying any breaches or attacks, 83% had phishing attacks, 27% were impersonated and 13% had malware (including ransomware).

Click to download

Cyber intelligence – assessing an adversary’s capabilities, intentions, and activities in the cyber domain – should support and inform the entirety of an organization’s network operations, including offensive and defensive processes. Though essential to an organization’s cyber activities, cyber intelligence as a professional discipline is relatively emergent, particularly its unique tradecraft – a blend of technical knowledge (e.g., network operations, communications, and perhaps digital forensics or malware reverse engineering) and classic analytic skills (e.g., hypothesis and alternative testing).

(more…)

Based on technical assistance to central banks by the IMF’s Monetary and Capital Markets Department and Information Technology Department, this paper examines fintech and the related area of cybersecurity from the perspective of central bank risk management. The paper draws on findings from the IMF Article IV Database, selected FSAP and country cases, and gives examples of central bank risks related to fintech and cybersecurity.

The paper highlights that fintech- and cybersecurity-related risks for central banks should be addressed by operationalizing sound internal risk management by establishing and strengthening an integrated risk management approach throughout the organization, including a dedicated risk management unit, ongoing sensitizing and training of Board members and staff, clear reporting lines, assessing cyber resilience and security posture, and tying risk management into strategic planning.. Given the fast-evolving nature of such risks, central banks could make use of timely and regular inputs from external experts.

Click to download