MORE than two-thirds of Britain’s biggest businesses admit their staff lack the training to deal with the growing threat of cyber attacks, according to new research.
Many top companies and charities have been told to do more to protect themselves from online threats after a government survey found that one in ten FTSE 350 firms had no plans in place to deal with cyber incidents.
The annual Cyber Governance Health Check found 68 per cent of boards had received no training in what to do in the event of a cyber attack despite more than half (54 per cent) acknowledging that it was a top threat to their business.
A separate study found charities were also at risk of attack, especially smaller organisations that rely on outside IT providers to deal with cyber threats.
Cyber security has become an increasing concern for ministers after a worldwide ransomware attack that hit the NHS in May, affecting phone lines, scans and patient records, and forcing hospitals to cancel operations. Politicians in Holyrood and Westminster have also been targeted by hackers, who compromised about 90 email accounts in London in June, including those of three MPs.
MSPs and Holyrood staff were warned this week that hackers were attempting to access weak email accounts.
Digital Minister Matthew Hancock said: “We have world-leading businesses and a thriving charity sector but recent cyber attacks have shown the devastating effects of not getting our approach to cyber security right.
“These new reports show we have a long way to go until all our organisations are adopting best practice and I urge all senior executives to work with the National Cyber Security Centre and take up the government’s advice and training.
“Charities must do better to protect the sensitive data they hold and I encourage them to access a tailored programme of support we are developing alongside the Charity Commission and the National Cyber Security Centre.”
The Cyber Security Among Charities report, also published today, found major variations between charities on awareness of cyber threats, with staff admitting gaps in their knowledge.
Users will be given greater control over their personal data under the new Data Protection Bill set to come into effect in May.
Scottish Parliament officials revealed last week that hackers had targeted Holyrood email accounts in a sustained “brute force cyber attack” – a trial-and-error attempt to steal passwords using brute force instead of a defined strategy.
However, IT systems remained fully functional throughout the attack and there was no evidence that any of the attempts at unauthorised access succeeded.
Britain’s computer emergency response team, the National Cyber Security Centre – part of the intelligence agency GCHQ – helped in the response effort.
Paul Grice, the parliament’s chief executive, said that as soon as the attack was detected, “various cybersecurity measures were quickly deployed to combat this”. He added: “At this point there is no evidence to suggest that the attack has breached our defences, and our IT systems continue to be fully operational. ”
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here