Following the government’s announcement that it will be investing £1.9bn in fighting cybercrime, cybersecurity specialists are urging businesses to work together to help fight cybercrime.
Jason Fry of PAV i.t. services has worked with dozens of corporate and independent businesses across the UK helping them to review and update their cybersecurity policies, procedures and solutions.
He said: “I have no doubt that the majority of companies have, at some point, been the victim of a cyber-attack, security breach or scam, but I am not convinced they would be open and honest about it through fear of criticism, but this is the only way companies will learn, benefit and ultimately reduce the likelihood of an attack.”
Cybercrime has remained a taboo subject amongst businesses with many fearing reproach from existing clients or new customers in the event they reveal they have been exposed to security breaches – something that Jason says hinders progress in this area.
Jason continued: “Unfortunately the fraudsters are always one step ahead so developing a ‘cybersecurity business network’ to share knowledge and experiences of techniques and scams would only prove advantageous in addressing the numerous cyber threats facing companies today.”
Robert Schifreen is a former UK-based computer hacker who was arrested in 1985 for breaching computers at British Telecom. He now runs a security awareness training programme called SecuritySmart.co.uk.
He said: “Certainly there have been huge advances in the ways attacks are carried out and the methods that are adopted by cybercriminals.
“These days we see more and more sophisticated methods being put in to practice that are scarily ‘real’ to the target, such as a combination of social engineering and ‘vishing’ (fraudulent phone calls that appear to come from trusted sources).
“Lack of awareness, not just amongst business owners but their employees as well, is a huge part of the problem.”
In 2013 the Home Office launched Cyber Aware – a campaign to help drive behaviour change amongst businesses and individuals and encourage them to adopt simple secure online behaviours such as using strong ‘phrase based’ passwords and downloading the latest software updates.
Jason added: “Getting the basics right is absolutely fundamental to improving online security across the board and I wholeheartedly support the campaign and the government's investment, however, not enough information is getting through to companies and more needs to be done to drive greater awareness of the tactics being used.
“A secure and authenticated forum where business leaders could chat anonymously would be one example of how companies could share knowledge without fully exposing themselves.
“Until companies are willing to discuss cybercrime openly the fraudsters will continue to have the upper hand.”