What can we Learn from Business Victims of Cybercrime?

The threat posed by cybercrime is constantly evolving and with it so is the cost to businesses as they try to retrieve lost data and recover from business interruption, regardless of whether they chose to pay things like cryptocurrency ransom demands or not (police advice is always not to pay by the way!).

Following several more high-profile cyberattacks, including companies like Garmin, Carnival Cruises and the New Zealand Stock Exchange. Why does ransomware continue to impact large and well-defended organisations? What can SMEs learn from this?

What we do know is that modern corporate networks are really complex, increasingly cloud-based and have more connected devices than ever following COVID-19 and the rush to have a workforce who are agile and still work remotely.

The business case for having effective cybersecurity is clear, it’s estimated to cost the Greater Manchester Economy over £860m per year alone.

But we cannot guarantee 100% protection from cybercrime because the threat landscape is constantly and rapidly. My academic partners reliably inform me the half-life of a cybersecurity degree is 18 months. Just half of what students learn in the first year is obsolete by the time they graduate! This means that our defences must equally adapt just to maintain the pace.

Police Cyber Crime Units help businesses victims investigate and recover from attacks. We see the impact but can also identify trends and learn from patterns to help protect businesses before they become victims. This is why we need to encourage victims to report cybercrimes, the percentage of reported crimes is as low as 1-2%!

The lessons we’ve learnt from victims are worth sharing because these stories are really powerful and help organisations better understand the threat and why it’s so important to protect themselves. It also helps to build trust and confidence in the police’s ability to respond and demonstrate that we understand the unique needs of business victims who want (and need) to get back online asap.

The challenge is how to share these stories when reporting is so low and businesses are understandably concerned about their brand and reputational damage and fearful the cops will just seize their hardware for long and protracted digital forensic examinations. We must do better to really understand business victims, anonymise and share their stories and make cybersecurity accessible both financially and in the language we speak.

The average date from infection to detection is 150 days so we need more victims to come forward as we believe up to 80% of cybercrime is preventable by following basic cyber PROTECT advice, much of which can be provided for free or at low cost through the Cyber Resilience Centre, which is supported by Greater Manchester Police and consistent with the advice produced by the National Cyber Security Centre.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of Cyber Resilience Centre for Greater Manchester (CRCGM) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. CRCGM provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

CRCGM does not accept any responsibility for any loss which may arise from reliance on information or materials published on this website. CRCGM is not responsible for the content of external internet sites that link to this site or which are linked from it.