Cyber Threat Intelligence (CTI) is vital for organisations, but exactly what is CTI? Cyber threat intelligence, in other words, helps organisations understand the nature of the threat, who is behind it, and what they are trying to achieve.
The UK is one of the most targeted areas globally for cybercrime and the number of security breaches continues to rise. Let’s explore this in greater detail.
The State of Cyber Threat Intelligence Security Breaches in the UK
According to the Cyber Security Breaches Survey 2022, 39% of UK organisations identified a cyberattack, consistent with the last year of the poll. Phishing efforts were the most common threat vector among the 39% of UK organisations that recognised an attack (83 % ).
Around one-fifth (21%) of the 39% indicated a more sophisticated attack such as a denial of service, malware, or ransomware. Ransomware is a considerable danger to businesses despite its low frequency, with 56% of companies refusing to pay for ransomware.
The average estimated cost of all cyberattacks in the last 12 months is £4,200, based on organisations reporting a material impact, such as loss of money or data. When only medium and large firms are considered, the amount jumps to £19,400. The lack of a method for calculating the financial consequences of cyber assaults may lead to under-reporting.
Dealing with Cyber attacks and breaches in the UK
There are several ways in which firms and organisations in the UK have dealt with cyber attacks or breaches. Some of the most common methods are:
Pay for ransomware
The most common method to deal with a cyber-attack or breach is paying for ransomware. This is where a hacker will hijack your system and then demand money (usually in Bitcoin) to return control of the system back to you.
56% of businesses in the UK have a policy not to pay ransoms. This is usually because they have a good backup system in place, so they can restore their data from a previous point. Some companies will also pay the ransom because they feel it is cheaper than the cost of downtime and lost productivity.
Use an incident response plan
If a company has been the victim of a cyber attack or a data breach, they are more likely to have implemented an incident response plan. The majority of businesses (93%) and nonprofits (89%) say they have a formalised crisis response plan.
This is a considerable increase above the previous year’s figure (when 66 % of enterprises and 59% of charities reported having a formalised incident response).
The approaches to incident response are rather comprehensive. Though organisations are adopting a variety of activities, the most commonly mentioned (informing directors or monitoring impact) are reactive, whereas proactive efforts, such as written rules, are less common.
Report cyber risks and incidents
Companies rarely report security breaches to the outside world. Only two-fifths of corporations (40%) and a quarter of charities (25%) showed their most disruptive breach occurred outside of their organization, similar to last year.
Many examples include firms merely disclosing breaches to their external cyber security providers and no one else, as in prior years. Banks, IT providers, internet service providers, Action Fraud, and clients are the top (unprompted) external organisations that firms report breaches.
Cyber insurance
Cyber insurance helps to cover the cost of damages caused by a data breach or cyber-attack and can also help with the cost of recovery. Cybersecurity insurance policies are becoming increasingly popular among businesses, with 7% of companies filing claims in 2021.
Some insurance providers provide organisations with services on threat monitoring and management. For instance, one organisation stated that their insurance allowed them to monitor the dark web and flag if any of their accounts were being sold on it.
Insurance policies helped organisations build a cyber security framework, with most policies specifying the requirements for an organisation’s cyber security posture.
Technical controls
Technical controls are measures taken to protect systems and networks from attacks. Malware protection, password policies, network firewalls, and limited IT administration access is the most commonly implemented rules or restrictions. A cloud service is used by seven out of ten enterprises and slightly over half of the nonprofit organisations.
Training and awareness-raising
Training and awareness-raising are important methods for dealing with cyber-attacks and data breaches. They can help employees understand the risks associated with their work and how to protect themselves and their organization from them.
Employee education on cybersecurity is becoming more common, with over six in ten large firms (61%) and charities with an income of £5million or more (64%) saying they have offered this training in the past 12 months. In both micro/small businesses and charities with an income below £100k, the figure is 16%.
Conclusion
Overall, the state of cyber threat intelligence in the UK is strong. The government and private sector are working together to create a more informed and proactive approach to security breaches. As cyber threats are constantly evolving, it is important to keep up-to-date with the latest information and developments.
Cybersecurity is an important issue for everyone, not just businesses and organisations. We all have a responsibility to protect our online information and be vigilant about the threats that exist.
Show Comments
Comments are closed.