Businesses – including charities – are not taking cyber security seriously enough, the Institute of Directors (IoD) has warned.
Under a third (28 per cent) of cyber attacks are being reported to the police, according to a new report, Cyber Security: Underpinning the Digital Economy. The IoD also found that companies were keeping quiet even though nearly half (49 per cent) of attacks resulted in interruption of business operations.
The scale of the threat should not be underestimated, the business group added, with over seven in ten firms saying they had been sent bogus invoices via email.
The survey of nearly one thousand respondents showed a worrying gap between awareness of the risks and business preparedness. Whilst nine in ten business leaders said that cyber security was important, only around half (57 per cent) had a formal strategy in place to protect themselves and just a fifth (20 per cent) held insurance against an attack.
Worryingly, official efforts to tackle cybercrime seem to be failing to get through to businesses, with nearly seven in ten IoD members never having heard of Action Fraud Aware, the UK’s national reporting centre for fraud and internet crime.
The growing threat of breaches will create a ‘cyber paradox’, the IoD said, meaning that although business will increasingly take place online, firms will no longer feel confident in the encryption protecting sensitive information when it is transferred. This could lead to companies going back in time, and resorting to old-fashioned methods for sending important data.
Professor Richard Benham, author of the report, said: “Cybercrime is one of the biggest challenges of our generation and companies need to get real about the financial and reputational damage it can inflict. The spate of recent high-profile attacks has spooked employers of all sizes and it is vital to turn this awareness into action. Customers and partners expect the businesses they deal with to get it right.
“As attacks become more prevalent and increasingly sophisticated, businesses need to defend themselves, know how to limit damage, and be ready to respond quickly and comprehensively when the inevitable happens. No shop-owner would think twice about phoning the police if they were broken into, yet for some reason, businesses don’t seem to think a cyber breach warrants the same response.
“Our report shows that cyber must stop being treated as the domain of the IT department and should be a boardroom priority.”
Some of the actions charities can take to get cyber smart include creating a cyber security strategy, raising awareness amongst staff of the common cons used to commit cybercrime, installing software that keeps them and their customers’ details safe and keeping all software up to date.
GlobalGiving has announced a three-week programme of free online training on crowdfunding – but only for charities who apply before the 5 October deadline
Increased cloud adoption is being fuelled by cloud-native applications, including security and the Internet of Things (IoT) cloud-based solutions
As readers of this site will no doubt be aware, digital has a massive part to play in the future growth of ... read more
eBay has proved to be one of the more effective ways to engage donors online and raise funds. While a lot of the money raised comes from the sale of goods, successful charities have also managed to establish a donor base that allows them to raise ongoing funds.