The capital’s reputation as a safe place in which to do business is under threat unless firms are better prepared against the rising threat of online crime.
A new report from the London Chamber of Commerce and Industry (LCCI) argues that, despite efforts from Government and law enforcement, London firms – particularly small and medium-sized enterprises (SMEs) – are still largely oblivious to the ever-more sophisticated methods cyber criminals are using to steal valuable information.
Cyber crime costs UK companies alone at least £21 billion per year. The costs of a security breach experienced by smaller organisations are rising, with the average cost of the worst attacks now between £65,000 and £115,000 (up from £35,000 to £65,000 a year ago).
The LCCI report – entitled: ‘Cyber Secure: Making London Business Safe Against Online Crime’ – finds that:
*Over 50% of London firms had experienced a cyber breach
*Cyber crime numbers and costs could be far higher due to widespread under-reporting of online fraud to Action Fraud
*A lack of awareness of cyber threats and the high costs of protection remain significant barriers to firms implementing stronger security measures
*Smaller firms are becoming increasingly targeted by cyber criminals as their systems are generally easier to access and they provide an open door to larger companies via supply chains
*Government initiatives to improve awareness and resilience (and to reduce the costs of security) are welcome, but often use overly complex and technical language which renders them inaccessible to the average SME
Creating a single ‘landing pad’ of resources
The LCCI calls on the Government to create a single ‘landing pad’ of cyber security resources aimed at business, making it simpler for companies to know where to go for advice. The Mayor of London can complement this resource for the capital’s firms through the proposed London Business Resilience Centre.
Despite the Government’s designation of Action Fraud as the first point of contact for cyber crime victims, many businesses are not aware of the service’s existence. Minimising the information required from companies and better promotion would help increase reporting rates for vital intelligence.
More also needs to be done to make it easier for firms to recover the costs of cyber crime, and in particular those acts of criminality perpetrated in the UK.
The Government should encourage Internet Service Providers (ISPs) and banks to use the cover of existing laws to release data that could result in faster and more decisive action being taken against criminals.
Some simple guidance to help firms navigate the civil or criminal legal system would also be of valuable assistance.
Growing menace of cyber crime
Colin Stanbridge, CEO of the LCCI, said: “The growing menace of cyber crime is costing business dear in financial, data and intellectual property loss terms. SMEs often have very limited resources they can allocate to cyber security so the Government and Mayor of London must be more targeted in their approach to reaching smaller firms with helpful information, and focus on providing easy–to-adopt online security solutions.”
Stanbridge continued: “Unless more is done to help smaller firms understand and put in place at least basic security measures, the reputation of London as a major global centre for business is vulnerable. The authorities need to work together to make the process of online protection simpler, quicker, easier and cheaper for the smaller firm such that the health of the economy and the reputation of the capital is not undermined.”
Stephen Greenhalgh (Deputy Mayor of London for Policing and Crime) added: “The advance of technology has shifted criminal activity from the streets to the PC. The LCCI cyber security report paints a determined picture of a strong will from Government and law enforcement to protect businesses, but a confused landscape in terms of fragmented initiatives and policy responses. This report should galvanise the effort and make this confusing landscape easier for the business owner to navigate, from the online SME right through to the multinational. MOPAC looks forward to working with the LCCI to raise awareness and simplify the plethora of initiatives out there, particularly for SMEs, through single hubs like the London Business Crime Resilience Centre.”
City of London Police Commander Steve Head, who is also the Police National Co-ordinator for Economic Crime, explained: “Cyber crime is estimated to be costing UK companies at least £21 billion every year, but the reality of the situation is that this huge figure would be even higher if all businesses reported to the authorities when they had fallen victim to an offence committed through the Internet or via other emerging technologies.”
Head also stated: “It’s therefore vitally important that SMEs who fall victim to an online crime contact Action Fraud which, in May, became part of the City of London Police and now sits directly alongside the force’s National Fraud Intelligence Bureau. Working together, they are improving the service provided to small companies whose security has been breached by cyber criminals with, most importantly, the arrival of bulk reporting for industry just around the corner.”
In conclusion, Head opined: “The past year has also seen a significant rise in crime disseminations to UK forces for investigation and a huge rise in the disruption of criminal enablers. However, it’s only by having the full picture of how cyber crime is targeting industry to hand that law enforcement and Government can put in place the resources and measures required to combat what has very quickly become a massive threat to the sustainability and profitability of companies operating the length and breadth of the land.”