Nine In 10 £5m+ Businesses Hit By Cyber Attacks

Almost nine in 10 UK businesses turning over more than £5 million annually have experienced a cyberattack, according to new research from Forbes Advisor.

The study questioned senior decision makers across a range of UK small and medium-sized enterprises (SMEs), finding that more than half (57%) had suffered an online attack.

However, firms with an annual turnover in excess of £5 million were far more likely to experience cyber-crimes against their company (88%).

These attacks have led to serious consequences in many cases, with more than a fifth of cyber security breaches leading to businesses being forced to pay a ransom (22%).

Personal details are also under threat as these attacks compromised client and staff information in 26% and 23% of cases respectively.

Top examples of misusing company IT




Use the company printer for personal use


Use up space on a company device to store personal files


Apply for other jobs using a company device


Access inappropriate websites via a work device


Gaming on a company device

Source: Forbes Advisor

Of those admitting to using company devices to spend time on inappropriate sites, common destinations include the dark web and sites containing pornographic material (both 17%).

Kevin Pratt, financial expert at Forbes Advisor, says: “The nature of the modern workplace means more online devices are being used than ever. This inevitably means that there are more ways that a business could suffer a digital attack. Our research shows that cyber security issues are incredibly common in this country, particularly among firms with a turnover of £5 million or more.

“We’ve also found that a significant proportion of British businesses are without any form of protection against online assaults, and it’s important to address this shortfall by highlighting the consequences of a cyber attack, such as financial losses and breaches of sensitive information.

“Companies can take a number of measures to protect against cyber-attacks, including anti-virus software, firewalls and VPNs. Prevention really is better than cure”

The post Nine In 10 £5m+ Businesses Hit By Cyber Attacks appeared first on IT Security Guru.

Gearing up for UK Cyber Week: Helping businesses fight back against cyber crime

Over 100 world-class speakers, hackers and disruptors will come together to bridge knowledge gap between cyber and business communities during UK Cyber Security Week event on 4th and 5th April at the Business Design Centre, London arranged by ROAR B2B.


Bringing together globally renowned speakers and leading cyber experts, from Tinder Swindler star, Cecilie Fjellhoy, to Microsoft’s Chief Security Advisor, and Hacker Jason E Street to tech and organised crime investigative reporter, Geoff White, the organisers say the event will provide education and insights on fighting cyber-crime to business professionals looking to incorporate and improve cyber strategies across their organisations at every level.


ROAR B2B are providing conference level content completely free of charge with the aim to create a security community to bridge the knowledge gap, demystify jargon, share the latest thinking and showcase the latest in cybersec tech and initiatives. The event will bring together business and security professionals to level-up UK cyber security, and provide an opportunity for the community to become better prepared to tackle business cyber threats and issues, collectively. The full agenda  can be found here.


Among those sharing their real-life experiences and insights on the state of current and future cyber security will be:


  • Cecilie Fjellhøy– The star of The Tinder Swindler – Netflix’s most-watched documentary of 2022 – will be talking about the sophistication of identity fraud.
  • Sarah Armstrong-Smith – Chief security advisor at Microsoft
  • Jennifer CoxAn award-winning Security Manager with outstanding contribution to Women in Tech will be talking about risk exposure – how to see the whole picture and where to focus resource.
  • ‘Hacker’ – A real-life hacker, whose identity has been protected to ensure open and candid discussion, will open the event, sharing their experiences and techniques used to exploit and infiltrate systems; from airports and casinos to critical national infrastructure facilities.
  • Jayson E. Street – A rare chance to see the Rockstar Hacker in the UK
  • Geoff White– BBC, Sunday Times and Channel 4 investigative reporter – host of top podcast “The Lazarus Heist” will be doing an interactive phishing demo on stage and a book signing at the event.
  • Len Noe– The ex-black hat hacker who can compromise systems with the implants in his body.
  • Jake Moore– Will explore ‘How to hire a hitman on the dark web’ which sounds both risky and cool at the same time.
  • Chris John Riley – Senior security engineer and tech lead, Google Switzerland
  • Dan Gericke, Chief Technology Officer at ExpressVPN on how exposure to Counter-Terrorism efforts in the Middle East shaped his career


“I’m very much looking forward to speaking at UK Cyber Week. It’ll be great to mix with the cybersec pros, share tips on the hackers’ latest tricks, and perhaps sign a few copies of my book The Lazarus Heist!” Geoff White, Investigative Reporter & host of ‘The Lazarus Heist’ said.


Joining the event line-up will be exhibitors at the forefront of cyber security such as Arctic Wolf, Beyond Identity, CrowdStrike, Darktrace, Fortanix, Forescout, ManageEngine, SentinelOne, SenseOn Tech and Thales. Attendees can expect discussion, debate and insights into a range of critical topics; from AI/ML & data science, sophisticated cyber-attacks, the great resignation and increase in cyber risk. From cyber security in legal and compliance, and cloud & platform security to reverse & social engineering.


Bradley Maule-ffinch, Group Managing Director, UK Cyber Security Week said, “The criticality of cyber security has moved it from the basement to the boardroom – but this has created a knowledge gap that must be addressed. Malicious hackers know this and can exploit vulnerabilities too easily. We want to bring everyone together under one roof to share expertise and experiences, and level up cyber security in the UK. Our promise is that everyone, no matter how much or how little expertise they have, leaves knowing more and is better equipped for the battle ahead.”


Free attendee registration is open here.

The post Gearing up for UK Cyber Week: Helping businesses fight back against cyber crime appeared first on IT Security Guru.

What Are Some of the Top Tech Services Businesses Should Use More

Businesses of all sizes, from small startups to large enterprises, are increasingly relying on technology to remain competitive and grow. The right technology services not only make businesses more efficient but also provide a platform for innovation. Technology can increase customer satisfaction and help business owners stay ahead of the competition. Here are some of the top technology services businesses should be utilizing.

1. Cloud Computing

Cloud computing provides businesses with a secure, cost-effective way to store and access data. Cloud services provide reliable server storage for critical applications and data backups. If you use a cloud service, you will no longer need to purchase, maintain, and upgrade on-site servers. It’s also easier and faster to share information between remote employees. Additionally, businesses can use cloud-based software tools to manage marketing, customer service, accounting, and more. While cloud services may require an upfront investment, long-term cost savings can be significant. Also, cloud computing is more secure than traditional on-site solutions.

2. Business Intelligence (BI) Solutions

Business intelligence (BI) solutions are essential for any business that wants to stay competitive in the ever-changing tech world. BI solutions help businesses capture, store and analyze data to make informed decisions. They provide insights into customer behavior, product or service performance, market trends, and other important business metrics. These insights can be used to hone strategies and create an edge over competitors.

Additionally, BI solutions enable businesses to easily identify opportunities for growth and improvement, as well as pinpoint areas of risk. If the business is looking to gain a deeper understanding of its analytics, BI solutions are the way to go.

3. Customer Relationship Management (CRM)

Customer Relationship Management (CRM) is a type of software that helps businesses manage their customer relationships from lead generation to the sales process and beyond. CRM tools help businesses build better relationships with customers, track customer information, prioritize tasks, and streamline business processes. By using a CRM system, businesses can more effectively engage with customers in order to increase loyalty and satisfaction.

Additionally, by leveraging automation capabilities within CRMs such as automated email campaigns, businesses can save both time and money while still providing excellent customer service. By utilizing a comprehensive CRM solution for managing customer data, businesses can make sure no opportunity for increasing revenue is missed.

4. Mobile Applications

Mobile applications are an important component of any company’s digital strategy. They enable businesses to engage with customers on the go, increasing customer satisfaction, and loyalty. Additionally, mobile apps can be used to track customer activity, increase brand awareness and even generate leads. Companies should take advantage of this technology to stay competitive in their markets and provide a better experience for their customers.

If you’re not sure where to start, look into mobile app development services to get started. They can provide valuable insights into the best strategies for your business and create custom mobile applications that make it easier for customers to interact with your brand.

5. Artificial Intelligence (AI) and Machine Learning

AI and machine learning are becoming increasingly popular tools for businesses looking to increase efficiency, reduce costs, and improve customer experience. AI can be used to automate processes such as customer service, data entry, and analytics. It can also be used to develop more accurate predictive models, allowing businesses to better anticipate customers’ needs or wants. Furthermore, machine learning algorithms enable computers to learn from past experiences and use the information they gain to create smarter decisions in less time than traditional computing methods.

6. Internet of Things (IoT)

The internet of things has become a popular technology for businesses and organizations, allowing them to create connected devices that can interact with each other over the web. IoT services offer an easy way for businesses to harness the power of the internet of things by connecting their products, machines, and processes together in order to track data and monitor performance. With IoT services, businesses can gain insights into operational efficiency, customer satisfaction, and product usage all while reducing costs associated with manual monitoring.

Additionally, they can use automated systems such as sensors and tracking devices to better understand their customers’ needs and preferences in order to improve customer service.

The best tech services businesses should use depend on their individual needs and goals. In general, the top options include data analytics, customer relationship management tools, mobile applications, AI and machine learning solutions, and internet of things services. By leveraging these technologies, businesses can gain meaningful insights into their operations while improving customer service and increasing revenue. Lastly, don’t forget to consider the advantages of outsourcing. Companies can save time and money while still taking advantage of the best available tech services.

Cost of data breaches to global businesses at five-year high

Research from business insurer Hiscox shows that the cost of dealing with cyber events for businesses has more than tripled since 2018. The study, which collated data from the organisation’s previous five annual Cyber Readiness reports, has revealed that:

  • Since 2018 the median IT budgets for cyber security more than tripled
  • Between 2020 and 2022 cyber-attacks increased by over a quarter
  • Businesses are increasing their cyber security budgets year-on-year

In the Hiscox 2022 Cyber Readiness report, the financial toll of cyber incidents, including data breaches, was estimated to be $16,950 (£15,265) on average. As the cost of cybercrime grew, so did organisation’s cybersecurity budgets – average spending on cybersecurity tripled from 2018 to 2022, rocketing from $1,470,196.05 (£1,323,973.13) to $5,235,162.16 (£4,714,482.83). 

Hiscox has also revealed that half of all companies surveyed suffered at least one cyber attack in 2022, up 11% from 2020. Financial Services, as well as Technology, Media and Telecom (TMT) sectors even reported a minimum of one attack for three consecutive years. Financial Services firms, however, seemed to be hit the hardest, with 66% reporting being impacted by cyber attacks in 2021-2022.

Alana Muir, Head of Cyber at Hiscox, commented on the findings, saying: “Cyber risk has risen to the same strategic level as traditional financial and operational risks, thanks to a growing realisation by businesses that the impact can be just as severe. While there has been some fluctuation over the years, cyber attacks are on the rise, so the increased focus and investment from businesses to minimise damage to their brand, operations and customers is positive.

“A proactive approach to cyber security is the best way to reduce the likelihood of a cyber event and limit the impact. Businesses should regularly evaluate their processes, people management and knowledge of the subject, and aim to create a culture of cyber security where everyone is well-equipped to respond, should the worst happen.”



The post Cost of data breaches to global businesses at five-year high appeared first on IT Security Guru.

Why is cybersecurity vital for small businesses?

Picture the scene: The office of a small but successful law firm is broken into. During the ensuing break-in, hundreds of documents relating to both employees’ and clients’ personal data are stolen and presumed available for sale online, including compromising personal information and financial data.

Following an investigation, it becomes apparent that the law firm did not employ basic security controls when attempting to protect their physical premises. No security system, no CCTV, and no “locked doors”, per se. As a result, the clients who once trusted this firm with their data begin a mass exodus, and the law firm find themselves in very rocky waters.

This analogy serves to illustrate a crucial point about the cybersecurity posture for SMEs (Small Medium Enterprises). Statistics show that small and medium-sized businesses are not exempt of being targeted by cyber criminals and can be equally, if not more, affected by an attack that could cause significant operational or reputational damage.

Small businesses are subjected to all types of cyberattacks, which include but are not limited to malware, ransomware, and data breaches. All these result in privacy, security, and operational risks. These attacks may also end in stolen funds, compromised confidential business information, and unauthorised access and disruption of day-to-day operations.

Cybercrime is growing alongside the increased use of the internet and business networks. Today, more than ever, organisations of all sizes rely on their networks, data, and internet connectivity to conduct business. Unfortunately, as a result, sensitive data, intellectual property, and personal information of small and medium-sized firms are targeted by an ever-increasing and sophisticated community of cybercriminals.

Fact is, small organisations, are just as much of a target in today’s cybersecurity landscape as the multinational enterprises who make the headlines.


The Automation Factor

Organisations of all sizes must come to terms with the fact that they are likely to be a target of a breach. Similarly to the global trend of businesses’ digital transformation to improve efficiency or to reach a new customer base, the uprise of Cybercrime is the result of digital transformation of traditional crime methods such as extorsion. Fact is, the weaponization of the 21st century criminal has become another market on its own right. Automated blanket attacks, ransomware-as-a-service offerings, widespread phishing campaigns, and other attack vectors have become part of a “business offering” far from the stereotypical ‘evil genius’ hacker extorting an organisation as an independent actor. Ransomware gangs go so far as to attempt to recruit malicious insiders, as it is growing to become a lucrative market in which there is much money to be made.

According to a McKinsey Global Institute report the internet’s economic impact has been greatest among “individual consumers and small, upstart entrepreneurs”. The internet provides a platform that allows even the smallest firms to have a global impact.

Forbes reported in March that small businesses are more frequent targets of cyberattacks than larger companies, often because cyber criminals assume they lack the necessary means to protect themselves. In the US alone, 60% of SMEs were out of business six months following a cyberattack.

As such, organisations are increasingly realising that the investment in cybersecurity platforms should be considered a cost of doing business, as attacks are now also affecting small businesses who are more vulnerable due to a lack of resources and awareness.


Best practices

As technology continues to evolve, the risk of cyberattacks becomes more extensive and complex, therefore it is crucial for small businesses to look into cybersecurity plans.

Leaders need to remember that, no matter how small they believe their own business operations to be, it will never be small enough to remain hidden from cybercriminals; particularly if their cybersecurity infrastructure falls short.

In today’s world, everything is interconnected and many small firms handle sensitive data or require remote access from their personnel. Therefore, security becomes an absolute priority. Failure to deal with it appropriately could mean significant damage on revenue due to service downtime, loss of brand equity and customer trust, professional indemnity, non-compliance issues, and at worst criminal proceedings.

Business leaders and security teams can work together to make smart decisions that improve overall cybersecurity cultures within their company. One of the considerations they should make is working with a specialized service provider that can protect their digital assets and business interests. An example of this is employing the right cyber security partner to provide sophisticated real-time risk management and bring actionable intelligence to the enterprise where and when it matters the most.

MDR Services available by a Cyber Security provider can protect data, assets and identities in real time, and detect, respond and prevent cyberattacks on a 24/7 basis. This takes the pressure off IT teams and leaders, allowing them to focus on their usual day-to-day tasks, while securing the business from internal and external cyber threats. 


The post Why is cybersecurity vital for small businesses? appeared first on IT Security Guru.

Why Should Tech Businesses Prioritise Occupational Health?    

Statistics show that the risks of occupational injuries in the tech sector are lower compared to other industries. A tech career doesn’t sound like something that poses significant risks. So, the question is, should tech businesses be concerned about employees’ health and safety? 

The simple answer is yes! Even if the risks are lower, that doesn’t mean they don’t exist at all. Providing a safe work environment is not only beneficial for the employees’ wellbeing but also a legal obligation – and no business is an exception from the rule.

 More often than not, safety is an afterthought in the tech sector. However, it’s worth mentioning that individuals working in this industry are not invulnerable to injuries. Therefore, businesses operating in the tech sector should prioritise occupational health, just like any other company. Regardless of the industry, employees are an invaluable asset, and it is paramount to ensure they are healthy and fulfilled. 





What are the most common injuries in the tech sector?

While some jobs may be much more hazardous, the tech sector involves its own level of risk. Even if you spend most of your work time attending meetings or writing code, this doesn’t mean you are entirely safe. Injuries can occur unexpectedly – for instance, you could trip and get injured while going to the kitchen to get some coffee. The most common injuries in the tech sector are:

Slips, trips and falls

This type of injury is common in every work environment. While they may sound harmless, slips, trips and falls can lead to severe consequences. Even milder injuries, like bruising and sprains, can cause significant pain that will affect employees’ performance.   

Several factors lead to slips, including wet floors and obstacles such as cables. Other times, uneven flooring panels can be the reason why employees may end up tripping and injuring themselves. If employees sustain an injury resulting from a slip, trip or fall, they are entitled to make a claim and get compensation for the damage they’ve suffered. 

Nowadays, finding a personal injury expert on online platforms is very easy. Employees can get legal advice and file a claim against your company without much effort. However, if this happens, it will put your business operations at risk. Therefore, it’s crucial to avoid this scenario by taking the required steps to create a safer workplace. This means ensuring the floors are clean and dry and eliminating any other hazard that could result in this type of injury.

Musculoskeletal disorders

Programmers and other tech employees repeatedly use a specific body part for the same movement in a day, which can strain that particular body part. One significant concern is carpal tunnel syndrome – this condition can cause numbness, pain and tingling in the arm and wrist and may lead to a loss of strength and inability to grip. 

Business owners can help prevent these issues by implementing an ergonomic process. This is an efficient way to reduce costs and improve employee engagement and productivity. What’s more, ergonomics shows your business’s commitment to health and safety, which is paramount for employees that end up working for you. 

What can you do to reduce hazards?

So, now that we’ve made clear that the tech sector also involves risks, the question is, what can you do to reduce them? Perhaps the most important thing you can do is build a workplace safety program. This involves writing a plan on how you can identify and control workplace dangers, establish safety responsibilities and respond to emergencies that can occur in the workplace. You must encourage employees to maintain the workstation clean, keep a correct posture and take regular breaks. If you already have a workplace safety program in place, consider improving it to ensure it covers the aspects mentioned above. This shows that you care about your employees’ welfare above anything else, which can be highly beneficial for both onboarding and retaining top talent.  

Training and written safety policies are also critical elements of a workplace safety program. Beyond specific risks like slips, trips, and falls, you should also train employees on Emergency Preparedness and Fire Extinguisher Safety. Other ways you can create a healthier work environment include:  

  • Rewarding workers for safe actions;
  • Encouraging stretch breaks;
  • Ensuring you get the adequate equipment and suitable tools for your business;
  • Having frequent meetings to talk about workplace safety. 

Combining technology with safety to create a better work environment 

Nowadays, businesses have the chance to combine tech with safety and health. This can take a business to the next level, ensuring employees perform tasks at their fullest potential. Using tech allows employees to be more aware of the threats they may face. For instance, 3D visualisation technology enables workers to determine if there is any danger before entering a particular website. Real-time data technology can be revolutionary for employees working remotely, as it improves safety. 

Moreover, technology has also improved protective equipment, as workers can use safety glasses for increased protection while working on a computer. Tech companies are responsible for protecting employees and keeping them healthy, as new technologies enable workers to perform better. Considering that the workforce is becoming younger, training methods must also evolve. Innovative technologies like virtual reality, AI and 3D training can ease the working process, making it more appealing. Moreover, a safer workplace leads to higher productivity in terms of income. These are excellent tools that you can use to detect hazardous work situations and help employees learn and work efficiently and safely. 

Tech in the workplace doesn’t only mean advanced IT strategies – you can also use it to improve workers’ health and safety, enhancing productivity. Some technologies that can help lower workplace hazards include training, reporting and monitoring workers’ safety. Technology provides all these fantastic resources that will boost your business and ensure it will last for a long time without experiencing severe disruptions. Therefore, every company operating in the tech sector should embrace all these technological advancements and use them to their advantage to create a safe workplace culture.  

The post Why Should Tech Businesses Prioritise Occupational Health?     appeared first on IT Security Guru.