Many attacks are carried out by large and well-funded Organised crime groups supported by state actors. And the West’s overt support for Ukraine in the ongoing war in Europe is only likely to lead to more aggressive attacks as Russia seeks to punish those nations and organisations it believes are frustrating its geo-political ambitions.
The growth in manufacturing’s reliance on Industrial Control Systems (ICS) adds another layer to the problem. ICSs are an integral part of our lives today. They allow for easier management of our most critical infrastructures and processes. Manufacturing, gas, water, power distribution and transportation all depend on ICSs to keep their processes running on a daily basis.
What’s more, the emergence of the Industrial Internet of Things (IIoT) has allowed users to automate some tasks in the process. We can now control everything simultaneously from a remote location, leading to improved workflow efficiency and helping us reach never-before-seen speed and accuracy.
But all of these new technologies have come with increased vulnerabilities that are ruthlessly exploited by cyber attackers – and a growing number of successful attacks will involve an employee within your team.
These generally come in two forms.
Whichever one they are they contribute to a significant number of data beaches every year.
A 2017 report from Clearswift reported that
“Organizations report that 42% of IT security incidents occur as a result of their employees’
In many cases breaches from former employees stem from an organisational failure to identify a change in employee status at the point the employee leaves the company – a classic disconnect between HR and the IT companies that are responsible for data security. Some companies are more vulnerable to this than others – it often occurs where there are high turnovers of staff or where the HR function is outsourced. But IT and HR policies and procedures are key to help companies combat the threat and make it more difficult for Insiders to operate.
Threats like these are amongst the most difficult to guard against however there are some key considerations for companies.
We recommend that all businesses in the Eastern region consider joining our growing community as a free member of the Eastern Cyber Resilience Centre. Community members receive regular updates which include the latest guidance, news, and security updates. Our core membership has been tailored for small and medium sized businesses and charities who are based across the seven counties in the East of England.
The ECRC is a policing-led, not for profit, membership organisation, with the aim to increase the cyber resilience within small and medium businesses within the East of England (Hertfordshire, Bedfordshire, Cambridgeshire, Norfolk, Suffolk, Essex, and Kent).
As well as our free services consider one of the many affordable services offered by our students which are all carried out to the highest standards and at a price every ompany, no matter how small, can afford – find out more here.
If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.
Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need. Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).
Policing led - business focused.
Click to Open Code Editor