The coronavirus pandemic forced individuals and organisations to innovate and find new ways of working, potentially changing the way we work forever. But it also exposed new weaknesses for cyber criminals to exploit. 

The latest Cyber Security Breaches Survey reports that four in 10 businesses and just over a quarter of charities experienced security breaches or attacks during the first 12 months of the pandemic. Most of these attacks were aimed at medium- to large-sized businesses and charities, but overall, taking into account both quantitative and qualitative data, the Department for Digital, Culture, Media and Sport found that the risk level is potentially higher than ever under COVID-19. 

Businesses are also finding it harder to administer cyber security measures during the pandemic. Fewer businesses are deploying security monitoring tools (35% compared to 40% last year) or undertaking any form of user monitoring (32% compared to 38%). It’s possible that businesses are less aware of the breaches and attacks that their staff are facing.

Around one in four of the businesses identifying cyber attacks or breaches are experiencing them at least once a week. 

The most common attacks that organisations are facing are: phishing attacks and impersonation attacks, such as payment diversion fraud. Other common attacks include viruses such as spyware and malware, denial of service attacks, hacking online bank accounts, the takeover of organisations’ or users’ accounts and ransomware. 

With these new weaknesses exposed and with organisations struggling to maintain cyber security measures, ICAEW is running a Cyber Crime Week from 11-15 October to highlight the current threats, offer advice on how to maintain good cyber hygiene, take a look at cyber fraud, and discuss best practice when it comes to training staff and how to respond in the event of an attack or breach. 

ICAEW will be hosting at least one in-depth piece of content – from videos to events to podcasts each day, along with articles offering insight and advice on each topic. Highlights include:

Avoiding fraud and scams for business – Wednesday 13 October

Businesses are increasingly falling victim to scams and fraud online including scam calls, invoice fraud, purchase scams and CEO fraud as well as a general increase in cyber risk as businesses continue with hybrid working. 95% of losses from cyber-attacks result from human error, with each successful cyber-attack on SMEs resulting in an average loss of £35,000.

Hear from Barclays Head of Fraud, Security and Optimisation about the latest types of fraud and scams facing small businesses and how they can avoid them. 

NCSC cyber security essentials for small organisations – Tuesday 12 October

The National Cyber Security Centre (NCSC) runs through all the essentials that small businesses and organisations need to consider to ensure that they are cyber safe, from the threats they face to the methods they can use to ensure they have addressed every potential risk. 

Podcast: anatomy of a cyber attack – Thursday 14 October

This episode of the ICAEW podcast, hosted by journalist and author of The Dark Net Jamie Bartlett, takes a detailed look at a real-life cyber attack, digging into the ins and outs of the case, the emotions involved and the minds of the cyber criminals themselves.

How people can be a strength in the event of a cyber attack – Friday 15 October

ICAEW’s Kirstin Gillon leads a panel discussion about turning your people into your biggest asset in protecting your organisation from cyber crime. 

Cyber Crime Week content will appear on https://www.icaew.com/insights and in the Insights Daily Newsletter every day next week.