Survey reveals rapidly increasing business cyber threat.
Three quarters of businesses in Kent have been subject to an attempted email fraud, cyber-attack or telephone fraud in the past six months and expect to see a marked increase in attempts over the next two years, reports a survey conducted by accountants, business and financial advisers Kreston Reeves, Brachers Solicitors and Towergate Insurance Brokers.
The survey was carried out amongst 50 business leaders in Kent attending Preventing fraud and cyber-crime, a seminar jointly hosted by Kreston Reeves, Brachers and Towergate Insurance Brokers on 13 June 2017.
The 50 business leaders also reported that:
- Over half (53%) said 25% of their time was now taken up by managing cyber security;
- 63% now annually review their organisations’ internal finance systems following increased cyber-attacks; and
- That over half (56%) provide regular training for staff on managing cyber-crime and fraud.
Seminar delegates heard from speakers at Kreston Reeves, Brachers, Towergate Insurance Brokers and Barclays about the wider reaching effects of cyber-crime on their business and their contractual responsibilities. Businesses were warned that they should, under the General Data Protection Regulation which comes into force in 2018, review their operations to ensure they meet the tough new rules or face significantly heavier fines.
Delegates also heard that one of the greatest cyber-crime risks to their business comes from their own staff, whether that be fraud or through lack of staff training. Another increasingly common risk is from more sophisticated ‘phishing’ attempts – particularly ‘spear phishing’ where named individuals are targeted by third parties.
Lewis Hunt, Barclays Digital Eagle, gave an impactful and eye-opening demonstration on how easy it is for cyber-criminals to find out personal information online.
Tom Wacher, Director of Forensic Accounting at Kreston Reeves comments: “The estimated annual cost to the UK economy of fraud is around £193bn, of which £144bn was aimed at businesses in the private sector. Three quarters of all prosecuted fraud in the UK takes place in the South East and London, putting firms in Kent at significant risk of being targeted. In our experience, commonly there is a weakness in a business’s system which is being exploited.”
Peter Heffer, Sales Director for Towergate Insurance Brokers in Kent, said: “In recent months, the cyber threat to commerce has hit the headlines, affecting large organisations such as the NHS. However, judging from the seminar’s attendance, businesses are really starting to understand that Cyber exposure is a very real threat.
“Traditional insurance is woefully outdated and, in a technological age where cyber and associated risks are constantly emerging, as responsive insurance brokers, we are regularly being tested to keep one step ahead. However, there is a silver lining. Cyber and fraud protection insurance has come a long way and we are more equipped to help support businesses in the ongoing battle against cyber threats. We are on hand to inform businesses of new regulations that will ultimately affect them; a prime example being the forthcoming General Data Protection Regulation.”
Erol Huseyin, a Commercial Partner at Brachers Solicitors said:
“Every day the criminal world is finding new ways to attack and extort businesses’ IT systems. Businesses have a legal duty to ensure that appropriate measures are put in place to prevent access to personal data and a failure to do so can result in significant liabilities and reputational damage. Those potential liabilities will increase significantly when new EU rules on data protection comes in to force in English law in2018. Businesses will be well advised to update their internal procedures and strategies to mitigate and cope with the risk of a cyber-attack and to review their commercial contracts and trading terms and conditions to ensure they contain adequate protections.”
Colin Smith, an Employment Partner at Brachers Solicitors adds:
“The biggest cyber threat to business is human nature. Education is key to employees as the threat is constantly evolving. It is imperative to review IT policies, induction processes, disciplinary procedures and review contracts of employment. Educating employees on the rules and the risks is also advised.”
Speakers at ‘Preventing Fraud and Cyber-crime’ included:
- Tom Wacher, Director of Forensic Accounting at Kreston Reeves
- Erol Huseyin, Partner and Colin Smith, Partner, Brachers
- Peter Heffer, Sales Director, Towergate Insurance Brokers
- Lewis Hunt, Barclays Digital Eagle