Tag Archives: National Cyber Security Programme

Top 10 online-enabled frauds hitting British wallets to the tune of £670 million

Organisers of Get Safe Online – the joint public-private sector Internet safety initiative – have revealed the financial and emotional cost of cyber crime. In a specially commissioned poll of 2,000 people by Vision Critical for Get Safe Online Week 2014 (running from 20 to 26 October), half (50%) of those who have been a victim of cyber crime (including online fraud or cases resulting in economic loss, ID theft, hacking or deliberate distribution of viruses and online abuse) said they felt either ‘very’ or ‘extremely’ violated by their ordeal.

Separate figures prepared by the National Fraud Intelligence Bureau (NFIB) for Get Safe Online Week offer an indication as to the sheer scale of online crime, with over £670 million lost nationwide to the Top 10 Internet-enabled frauds reported between 1 September 2013 and 31 August this year. The £670 million statistic emanates from reported instances of fraud, calculated when the first contact with victims was via an online function.

Given that a significant number of Internet-enabled fraud cases still pass by unreported, the true economic cost to the UK is likely to be significantly higher.

The Get Safe Online survey also reveals that over half (53%) of the population now views online crime just as seriously as they do ‘physical world’ crimes, destroying the notion that online crime is ‘faceless’ and less important than other crimes. As a result, more cyber crime victims (54%) wish to unmask a perpetrator but only 14% have succeeded in doing so.

Get Safe Online Week 2014 is focused on awareness around individuals not becoming the victim of cyber fraud

Get Safe Online Week 2014 is focused on awareness around individuals not becoming the victim of cyber fraud

As stated, half (50%) of those individuals surveyed for Get Safe Online Week have been a victim of online crime although only 32% of these people reported the fact. Around half (47%) of victims did not know to whom they should report an online crime, although this figure is expected to drop due to the ongoing work of Action Fraud (the UK’s national fraud reporting centre) and the considerable Government resources now dedicated to fighting cyber crime.

On a more positive note, victims in the Get Safe Online poll said that their experiences have shocked them into changing their behaviour for the better, with nearly half (45%) opting for stronger passwords and 42% now being extra vigilant when shopping online. Over a third (37%) always log out of accounts when they go offline and nearly a fifth (18%) have changed their security settings on their social media accounts.

In stark contrast, however, most people still don’t have the most basic protection in place. More than half (54%) of mobile phone users and around a third (37%) of laptop owners do not have a password or PIN number for their device. That figure rises to over half (59%) for PC users and two thirds (67%) when it comes to tablet owners.

The 'Don't Be A Victim' Infographic produced by the team at Get Safe Online

The ‘Don’t Be A Victim’ Infographic produced by the team at Get Safe Online

Supporting law enforcement’s response to cyber crime

Commenting on the survey results, Francis Maude (Minister for the Cabinet Office) stated: “The UK cyber market is worth over £80 billion a year and rising. The Internet is undoubtedly a force for good, but we simply cannot stand still in the face of these threats which already cost our economy billions every year.”

Maude continued: “As part of this Government’s long-term economic plan, we want to make the UK one of the most secure places in which to do business in cyberspace. We have an £860 million Cyber Security Programme in place which supports law enforcement’s response to cyber crime, and we’re also working with the private sector to help all businesses protect their vital information assets.”

Francis Maude MP: Minister for the Cabinet Office

Francis Maude MP: Minister for the Cabinet Office

In conclusion, the Cabinet Office leader added: “Our Get Safe Online and Cyber Streetwise campaigns provide easy to understand information for the public on how and why they should protect themselves. Cyber security is not an issue for Government alone. We must all take action to defend ourselves against the threats now being posed.”

Tony Neate, CEO at Get Safe Online, explained: “Our research shows just how serious a toll cyber crime can take, both on the wallet and on well-being. This has been no more apparent than in the last few weeks with various large-scale personal photo hacks of celebrities and members of the general public. Unfortunately, this is becoming more common now that we live a greater percentage of our lives in the online space.”

Neate went on to state: “This year, Get Safe Online Week is all about ‘Don’t Be A Victim’. We can all take simple steps to protect ourselves, including putting a password on our computers and mobile devices, never clicking on a link sent by a stranger, using strong passwords and always logging off from an account or website when we’re finished. The more the public do this, the more criminals will not be able to hide behind a cloak of anonymity.”

Tony Neate: CEO at Get Safe Online

Tony Neate: CEO at Get Safe Online

Detective Superintendent Pete O’Doherty, head of the NFIB at the City of London Police, said: “Cheap and easy access to the Internet is changing the world and transforming our lives. What many of us may be less aware of is the fact that financial crime has moved online and poses a major threat to people of all ages and from all walks of life. Men and women, young and old, rich and poor. It matters little who you are, where you live or what you do.”

O’Doherty continued: “It’s vitally important people are fully aware of the dangers around fraud and Internet-enabled fraud which is why the City of London Police, in its role as the National Policing Lead for Fraud and home to the National Fraud Intelligence Bureau, is fully supportive of Get Safe Online’s week of action.”

Importantly, O’Doherty added: “I would also call on anyone who has fallen victim to an online fraud to report this to Action Fraud. It’s only then that local police forces will be able to track down the main offenders and ensure victims receive the best possible support as they try to recover from what can be an extremely difficult and upsetting experience.”

Have you been a victim of cyber-enabled fraud?

George Anderson, director of product marketing at Internet security specialist Webroot, has also offered his views on the survey results.

“It’s sad but not surprising that 53% of British people have fallen victim to cyber crime,” asserted Anderson. “The Internet has been assimilated into our daily lives to the point where it’s easy to forget how hazardous it is if the proper security measures are not taken.”

Anderson continued: “The key to making the UK a safe Internet user zone is education. As a country, as communities and as individuals we should be actively promoting awareness of Internet safety and security issues. The Government’s research should not scare people away from online activities, but rather start the process of serious and continuous conversations whereby we evaluate the online precautions we take both at home and at work. Education should start at an early age, with parents and education bodies working to ensure future generations populated by ‘security savvy’ individuals.”

Adding to that message, Anderson said: “Understanding what preventative measures we can take ranges from a rudimentary awareness through to in-depth technical knowledge. However, far too many people have become too complacent with modern technology to even practice the basics. The modern person should by now know that computers ought to be protected by updated, Best-of-Breed anti-spyware and anti-virus software. They should practice safe surfing habits and harbour a full comprehension of online activities that would place their information at more risk than others. Also, they ought to be able to identify and understand website privacy policies and know when or when not to impart information regarding personal data.”

*If you think you may have been the victim of cyber-enabled economic fraud (ie where you have lost money), you should report the occurrence to Action Fraud and include as much detail as possible. Telephone: 0300 123 2040. Alternatively, visit: http://www.actionfraud.police.uk

**If you have been the victim of online abuse or harassment, you should report it to your local police force

***For general advice on how to stay safe online visit: http://www.GetSafeOnline.org

Advertisements

Leave a comment

Filed under Risk UK News

Home Secretary praises National Crime Agency on organisation’s first anniversary

During its first year of operation, the National Crime Agency has “broken new ground in the fight against serious and organised crime” and received due praise from Home Secretary Theresa May for doing so.

The National Crime Agency (NCA) and the Serious and Organised Crime Strategy – which was also launched on 7 October 2013 – represent a step change in the Government’s approach to combating serious and organised crime, which is estimated to cost the UK at least £24 billion per annum.

“The National Crime Agency has achieved a great deal in its first year of operation,” stated Theresa May. “Through its close partnership with law enforcement agencies both at home and overseas, the NCA is demonstrating that no-one is beyond its reach.”

The NCA has broken new ground in its investigation of serious and organised crime offences right across the spectrum, including in the area of modern slavery. In its first six months, the organisation achieved over 500 disruptions against serious and organised criminals and secured 300 convictions.

The NCA also co-ordinated a national operation tackling the sharing of child abuse images online. To date, this element of its investigations has resulted in over 600 arrests.

In addition, the NCA has led an international operation designed to tackle malware used for cyber crime and, in parallel, published the National Strategic Assessment – the most authoritative evaluation of the threat to the UK ever put in print.

The National Crime Agency has achieved much in its first year of operation

The National Crime Agency has achieved much in its first year of operation

The NCA is collaborating more closely than ever with law enforcement partners such as HMRC and police forces. Meanwhile, Regional Organised Crime Units (ROCUs) have been strengthened so as to maintain a sophisticated and cohesive regional response to organised crime.

“Now, the NCA needs to build on its strong start and get ahead of the threat,” added the Home Secretary. “This means it must continue to work with a broad range of partners in order to build the best possible intelligence picture and use all of the tools available to disrupt and, importantly, prosecute organised criminals.”

Introduction of the Serious Crime Bill

The new Serious and Organised Crime Strategy is based on the successful framework used for counter-terrorism – Pursue, Prevent, Protect and Prepare – and sets out a comprehensive, detailed cross-Government approach.

As part of this work, the Government has introduced a Serious Crime Bill to ensure that the NCA, the police service and others have the powers they need at their disposal. Measures include the new offence of participation in an organised crime group which targets corrupt lawyers, accountants and other professionals who’ve tried to evade justice by hiding behind a veneer of respectability.

The Government is also building on its success in seizing criminal assets. Over the last four years, around £750 million has been recovered, £93 million returned to victims and in excess of £2.5 billion frozen to put it beyond the reach of criminals.

Measures in the Serious Crime Bill will close loopholes used by criminals to avoid confiscation orders. For example, some criminals attempt to hide money by giving it to third parties such as spouses and associates.

Home Secretary Theresa May MP

Home Secretary Theresa May MP

The Government is committed to working with partners in other European countries – among them Europol and Interpol and also organisations across the private sector – to ensure the UK can act decisively beyond its own borders.

Back in April, the Home Office established a Financial Sector Forum to encourage better information sharing between the Government, law enforcement agencies and the financial services sector and improve the overall response to financial crime.

Tackling the cyber threat

The Government is improving its response to cyber threats by acquiring new technologies and capabilities. For instance, an investment of £860 million is being made over five years through the National Cyber Security Programme. So far, the Home Office has allocated £70 million of that sum to improve law enforcement cyber capabilities.

Last year, the Home Office provided an additional £10 million of funding to the ROCUs, in turn leading to new capabilities that better handle intelligence, protect witnesses and tackle cyber crime and fraud. Further new investments are being made before the end of the year.

“This Government,” continued Theresa May, “has demonstrated considerable progress in the fight against serious and organised crime. After too many years in which organised criminal gangs, their members and their associates ‘got away with it’, we are now sending the clearest possible message. Whoever you are and wherever you are, if you’re involved in organised crime then we will come after you, we will find you, we will prosecute you and we will punish you.”

Leave a comment

Filed under Risk UK News

National Audit Office issues update on UK Government’s National Cyber Security Programme

The National Audit Office has published an update on the Government’s National Cyber Security Programme for the Committee of Public Accounts.

The Programme’s objectives include tackling cyber crime and making the United Kingdom one of the most secure places in the world in which to do business.

The National Audit Office (NAO) report finds that the Government has made good progress in improving its understanding of the most sophisticated threats to national security. However, the level of understanding of threats to wider public services is varied.

While exports in UK cyber products and services have increased by 22% between 2012 and 2013, progress in encouraging trade and exports has been slow and, according to the NAO’s survey of stakeholders, this is the objective against which the Government currently has the poorest performance.

Some progress has been made in encouraging businesses and citizens to mitigate risks, particularly in enticing larger companies to take action. That said, the Government has had a limited impact in targeting SMEs and struggled to communicate guidance in a way that meets their needs.

The UK Government has made good progress in improving its understanding of the most sophisticated threats to national security

The UK Government has made good progress in improving its understanding of the most sophisticated threats to national security

The Programme’s financial management and governance mechanisms are strong, and the Government is on track to spend the Programme’s budget of £860 million by March 2016.

Overall, the NAO finds that Government continues to make good progress in implementing the Programme, which is helping to build capability, mitigate risk and change attitudes. Cyber threats, however, continue to evolve and Government must increase the pace of change in some areas to meet its objectives.

Valid concerns that must be addressed

Responding to the report, Hugh Boyes from the Institution of Engineering and Technology (IET) commented: “While the Government’s investment in this area has increased the capability for the public sector, there is still much to be done to strengthen UK industry. The report highlights industry concerns about the confusing range of advice available and the lack of cyber security skills. These are valid concerns that need to be addressed.”

Boyes continued: “The current cyber security skills initiatives have been focused on providing the skills for individuals employed in cyber security roles. This is a short term solution which does not address the need to improve the security awareness and skills of everyone involved in the design, production and use of software-based systems. That requires significant investment in education and training at all levels in the UK to ensure that software is trustworthy and that those involved in its development and maintenance are applying software engineering Best Practice.”

In conclusion, Boyes explained: “The recent interest in cyber security and cars highlights how this is an issue that extends far beyond our desktop and tablet computers.”

Industry demand for the cyber security skills needed to tackle cyber car crime and the other areas of our business and personal lives threatened by security issues is growing all the time. Only recently, a free online course was launched with support from the Government. The course is designed to inspire the next generation of cyber security professionals.

The MOOC – Massive Open Online Course – has been developed in conjunction with the Open University and support from the IET, and is the first of its kind anywhere in the world to gain Government backing. For more information visit: https://www.futurelearn.com/courses/introduction-to-cyber-security

Cyber security measures must be part of the Government’s smart metering programme

As the Public Accounts Committee publishes its report on the Update on Preparations for Smart Metering, engineers are warning of the need for cyber security measures to be an integral part of the programme.

Dr Simon Harrison of the IET said: “The Public Accounts Committee report does not mention the issue of cyber security. The IET has consistently argued that end-to-end consideration of cyber security has to be a key feature of the smart metering system which will become a part of the nation’s critical infrastructure. It’s crucial that all possible steps are taken to ensure the smart meter system will stand up to the continuing cyber security threat.”

Harrison went on to state: “Smart meters and the smart grid are part of a Critical National Infrastructure which should be planned, designed and managed as a system. The most important role for smart meters is to enable the smart grid, which is needed to support increased renewable energy, electric vehicles and domestic heat pumps and to avoid having to dig up a lot of streets to install new electricity infrastructure.”

Continuing this theme, Harrison explained: “The smart metering programme is challenging in its own right, but it’s the first stage of the building of the smart grid that will be essential for cost-effective and secure low carbon electricity in the future. When considering the costs of the smart metering system, it’s essential that the features designed to enable a future smart grid are taken into account.”

The IET’s concerns centre on examples of systems engineering, a subject that Harrison suggests is currently under-valued in Government. “The IET believes that a professional systems architect function needs to be established and, indeed, will be essential if the UK is to achieve the transition to low carbon electricity both securely and on an affordable basis.”

Leave a comment

Filed under Risk UK News

UK civilians and military personnel learn to defend against online attacks at cyber training camp

After two days of intense hands-on training and development, a new potential generation of UK cyber security defenders (including members of the public and military personnel) have been tested to see if they have what it takes to protect their country from online attacks.

Held at the Defence Academy in Shrivenham, the Cyber Security Challenge UK’s new cyber camp was delivered by a number of the UK’s most prestigious cyber defence companies to help attendees gain foundation skills and confidence to take their first steps into the cyber security profession.

The assessment on Friday 29 August was devised by cyber security operatives from GCHQ and witnessed brave candidates assemble a cyber team battling to overcome the threat of a cyber terrorist group, the Flag Day Associates, who have been staging a number of attacks in the UK over recent months.

The latest incident was reported by the central security team at Parliament Square, a large central London meeting and conferencing space known to host classified gatherings characterised by high secrecy and sensitivity. The team confirmed that the web-based application that controls their intelligent building management software had been targeted and successfully compromised.

The cyber students in action

The cyber students in action

Under the guidance of mentors from GCHQ and other industry experts, as well as previous Challenge candidates, the cyber camp recruits were assessed on their ability to run penetration testing as part of a full security assessment of the web application in order to identify the vulnerabilities that may have been exploited by the attackers.

To prepare them for this test, the cyber camp recruits were taken through two days of training administered by some of the country’s leading cyber security experts.

Content details of the cyber camp

The cyber camp programme was put together by the Challenge with the support of C3IA Solutions (who provide information risk management training and cyber security services for the MoD, the Government and industry) and included:

• Defence, aerospace and security expert QinetiQ introducing cyber camp attendees to the principles of risk assessment and management
• Forensic technology teams at PricewaterhouseCoopers running lessons on digital forensic analysis
• Introductions to business continuity management and security architecture provided by worldwide information security training and education company Infosec Skills (two further modules were completed online ahead of the cyber camp)
• Web application security testing instruction courtesy of cyber security services and solutions specialist IRM
• A module on vulnerability research from Raytheon, the technology and innovation leader specialising in defence and national security
• An interactive session on legal and ethical practice within cyber security delivered by the National Crime Agency

The final stage of the cyber camp witnessed candidates sitting their first professional qualification – the Certificate in Information Assurance Awareness (CIAA) – free of charge. This came courtesy of InfoSec Skills and its examination provider, the Global Certification Institute (GCI).

Cyber camp attendees who performed particularly well were granted places on the new CESG-accredited Cyber Scheme Team Member course.

Growing skills gap in cyber security

The Cyber Security Challenge UK began in 2010 as three competitions run by a small group of supporters from industry, Government and academia designed to address the growing skills gap in the UK cyber security profession.

Now in its fifth year, the Challenge has grown its range of competitions to better represent the variety of skills currently demanded within the profession and is backed by over 75 sponsors from across UK Government (including through its National Cyber Security Programme) as well as major names from industry and academia.

Challenging cyber attackers in among the tanks at Shrivenham

Challenging cyber attackers in among the tanks at Shrivenham

The cyber camps are a more recent addition to the Challenge competition programme. They sit alongside a variety of exciting virtual competitions and provide a first opportunity for candidates to begin crafting their skills.

Stephanie Daman, CEO of the Cyber Security Challenge UK, commented: “Last year’s inaugural cyber camps showed the demand from amateurs to be given the opportunity to break into this field. The camps afford everyday civilians the chance to see what it’s really like to work as a professional in this sector, and what’s involved in defending the UK from ever-growing cyber attacks.”

Daman added: “Talented individuals learn from the best in the industry and, by dint of receiving a qualification for their efforts, they’re provided with a genuine career-enhancing experience. This sector needs more people with talent and skills and all of those involved in this cyber camp will have enjoyed a truly unforgettable experience.”

Kevin Williams, head of partnerships at the National Crime Agency’s National Cyber Crime Unit, stated: “We are proud to be part of this year’s cyber security camp and help to inspire the next generation of specialists to think about a career in cyber security. Our officers tested the skills, technical ability, knowledge and understanding of the candidates to see whether they have what it takes to defend the UK and its citizens from cyber-related attacks. We look forward to continuing our support for the Cyber Security Challenge UK over the coming months.”

Virtual competitions and foundation modules

Terry Neal, CEO at InfoSec Skills, explained: “We’re delighted to support the Challenge through our virtual competitions and foundation modules in IA Governance and IA Architecture delivered during the cyber camp. We hope to inspire the next generation of cyber specialists and help to get them started on their career paths in Information Assurance.”

Charles White, CEO of IRM, said: “Watching the cyber camp recruits learn and compete while surrounded by the physical history of the British Armed Forces illustrates the extent to which the Internet has transformed our lives and how, as a society, we must respond to that change. Where once we had tanks and large armies to defend our nation, we now have skilled and tenacious individuals who thrive on a technical challenge – the UK’s Armed Forces for a Digital Age, if you like.”

On an equally serious note, White also commented: “At this time there is a severe deficit of qualified individuals who are capable of assessing and improving our cyber security defences. If our citizens, Government and businesses want to stay safe in cyber space while also continuing to reap the economic and social benefits it brings then more effort has to be invested in nurturing cyber security talent.”

Leave a comment

Filed under Risk UK News

GCHQ certifies Masters degrees in cyber security

The certification of six Masters degrees in cyber security has been announced by Francis Maude, Minister for the Cabinet Office. This announcement marks another significant step in the development of the UK’s knowledge, skills and capability in all fields of cyber security as part of the National Cyber Security Programme.

The National Cyber Security Strategy recognises education as being absolutely vital to the development of cyber security skills and, earlier in the year, UK universities were invited to submit their cyber security Masters degrees for certification against GCHQ’s stringent criteria for a broad foundation in cyber security.

Partnerships have been key throughout the process with the assessment of applicants based on the expert views of industry, academia, professional bodies, GCHQ and other Government departments.

The six successful Masters degrees were judged to provide well-defined and appropriate content, with all of them delivered to the highest standard.

Francis Maude MP: Minister for the Cabinet Office

Francis Maude MP: Minister for the Cabinet Office

Development of GCHQ-certified Masters degrees will help the successful universities to promote the quality of their courses and assist prospective students in making better informed choices when looking for a highly valued qualification. It also assists employers to differentiate between candidates when employing cyber security staff.

A further call for Masters certification will take place in late 2014 and extend to those degrees focused on critical areas of cyber security such as digital forensics.

Details of certified status for six universities

The six successful universities whose cyber security Masters degrees have been awarded GCHQ-certified status are as follows:

Full certified status
Edinburgh Napier University: Degree – MSc in Advanced Security and Digital Forensics
Lancaster University: Degree – MSc in Cyber Security
University of Oxford: Degree – MSc in Software and Systems Security
Royal Holloway, University of London: Degree – MSc in Information Security

Provisional certified status
Cranfield University: Degree – MSc in Cyber Defence and Information Assurance
University of Surrey: Degree – MSc in Information Security

“Every time I visit GCHQ I see at first-hand the tremendous work being conducted in relation to cyber security,” explained Francis Maude MP. “Cyber security is a crucial part of this Government’s long term plan for the British economy. We want to make the UK one of the safest places in the world to do business online. Through the excellent work of GCHQ in partnership with other Government departments, the private sector and academia we’re able to counter threats and ensure that, together, we’re stronger and more aware.”

Nigel Smart, Professor of Cryptology at the University of Bristol, stated: “I’m delighted to have been appointed as independent chairman of the panel that assessed applications, and am excited that GCHQ has introduced this rigorous standard for judging general cyber security Masters degrees. For the first time, UK universities which become certified will have a means to promote the quality of the cyber security issues they teach.”

Smart also commented: “Over the next few years, as GCHQ certification is applied to more specialised areas of cyber security, I expect the number of UK universities achieving certification of their Masters degrees to increase, thereby helping to raise the overall standard of teaching in cyber security at Masters level.”

Mark Hughes, the President of BT Security, commented: “At BT, we’re acutely aware of the impact of the UK cyber skills gap. Recruiting the right people with the right knowledge and skills is a big deal for us. As a leading Internet service provider we want to employ the very best. That’s why we welcome GCHQ’s certification of Masters degrees in cyber security. The fact that GCHQ recognises these courses as high calibre gives us, at BT, the confidence that those graduating with a Masters from one of these universities will have the sound knowledge base in cyber security we would be looking for. This is a great step forward in developing the cyber specialist of tomorrow.”

Chris Ensor, deputy director for the National Technical Authority for Information Assurance at GCHQ, added: “As the National Technical Authority for Information Assurance, GCHQ recognises the critical role academia plays in developing the UK’s skills and knowledge base. I’d like to congratulate the universities which have been recognised as offering a Masters degree which covers the broad range of subjects that underpin a good understanding of cyber security. I’d also encourage those that didn’t quite make it this time around to reapply in the near future, particularly as we begin to focus on more specialised degrees. Recognition of these degrees is an important first step towards delineating academic Centres of Excellence in cyber security education.”

Leave a comment

Filed under Risk UK News

UK Government campaign urges citizens to be Cyber Streetwise

A new campaign designed to change the way in which people protect themselves while shopping, banking or socialising online in order to avoid falling victim to cyber criminals has been launched today by the UK Government.

The Cyber Streetwise campaign aims to change the way people view online safety and provide members of the public and businesses alike with the necessary skills and knowledge required for them to take control of their own cyber security.

Building on the National Cyber Security Programme1, the campaign includes a new easy-to-use website and online videos.

With more than 11 million Internet-enabled devices received as gifts during the Christmas period2, Cyber Streetwise will help in the fight against online criminals. People are encouraged to protect themselves and their families online by visiting the website for tips and advice.

The new website, http://www.cyberstreetwise.com, offers a range of interactive resources, tailoring an individual’s visit to provide clear advice on the essentials for enjoying a safe experience online.

Security minister James Brokenshire

Security minister James Brokenshire

Security minister James Brokenshire said: “The Internet has radically changed the way we work and socialise. It has created a wealth of opportunities, but with these opportunities there are also threats. As a Government we are taking the fight to cyber criminals wherever they are in the world.”

Brokenshire continued: “‘However, by taking a few simple steps while online the public can keep cyber criminals out and their information safe. Cyber Streetwise is an innovative new campaign that will provide everyone with the knowledge and confidence to make simple and effective changes to stay safe online.”

National Cyber Security Programme

The launch of the campaign is part of the UK Government’s National Cyber Security Programme1 and comes at a time when an increasing number of people use the web on their laptops, tablets and smart phones.

Findings from the Government’s most recent National Cyber Security Consumer Tracker3 suggest that more than half the population are not taking simple actions to protect themselves online.

While 94% of people believe it’s their personal responsibility to ensure a safe Internet experience, the research highlights the facts that:

• only 44% always install Internet security software on new equipment
• only 37% download updates and patches for personal computers when prompted… a figure which falls even further to a fifth (21%) for smart phones and mobile devices
• less than a third (30%) habitually use complex passwords to protect online accounts
• 57% do not always check websites are secure before making a purchase

The Cyber Streetwise campaign underlines that safety precautions taken in the real world have similar relevance in the virtual world. Research shows that shoppers don’t adopt the same behaviours when shopping online as contrasted with shopping on the High Street. A person wouldn’t walk around with their bag open or wallet on show yet, when shopping online and due to the speed of technology, people can be open to unnecessary risk if they’re not careful when using their credit card.

Five key actions to prevent cyber crime

There are five actions people can take in order to protect themselves and others from cyber crime. The key behaviours the campaign is focusing on changing are:

1. Using strong, memorable passwords
2. Installing anti-virus software on new devices
3. Checking privacy settings on social media
4. Shopping safely online, always ensuring to check online retail sites are secure
5. Downloading software and application patches when prompted

The research shows our biggest concerns when it comes to online safety are identity theft (48%) and losing money (52%). 16% of those surveyed claim to have lost at least £500 as a result of having their card details stolen and used over the Internet (representing a total loss of more than £4 billion).

Almost a third (32%) of those who admit to not installing security software on Internet-enabled devices blame a lack of understanding, while around a fifth (18%) say they did not realise the risk.

With initial funding allocated from the Government’s National Cyber Security Programme, the Cyber Streetwise campaign has been joined by a number of private sector partners who are providing support and investment. Among those involved are Sophos, Facebook, the RBS Group and Financial Fraud Action UK.

References

1. For further information on the National Cyber Security Programme, visit: https://www.gov.uk/government/policies/keeping-the-uk-safe-in-cyberspace

2. Figure provided by retail experts Conlumino and based on items bought in the five weeks up to and including Christmas Week 2013. Figure includes tablets, smart phones, connected e-readers, laptops, desktops and connected games consoles. Data derived from Christmas tracker which surveyed 22,762 consumers over the run-up to Christmas 2013

3. National Cyber Security Consumer Tracker – Wave 3, October 2013

Figure based on 16% of the adult UK population (8,028,924) Population Estimates for UK, England and Wales, Scotland and Northern Ireland, Mid-2012 Release, Office for National Statistics, 8 August 2013

4. Cyber Streetwise is a cross-Government awareness and behaviour change campaign delivered by the Home Office in conjunction with the Department of Business, Innovation and Skills alongside the National Crime Agency and Action Fraud and supported by the National Cyber Security Programme (Cabinet Office)

5. The campaign has wide support across industry with over 20 organisations providing access to communications channels to reach their customers or providing monetary support. Organisations involved include: Sophos, Facebook, Financial Fraud Action UK, RBS, Trend Micro and Vodafone

6. The Cyber Streetwise campaign launched on Monday 13 January 2014 with outdoor, radio and digital advertising. The advertising campaign has been designed by M&C Saatchi. To view and download assets please visit: http://www.consolpr.com/outbound/JAN/Cyberstreetwisecollateral.zip

7. To view the online videos visit: http://www.youtube.com/user/becyberstreetwise/videos

Leave a comment

Filed under IFSECGlobal.com News

UK companies “must do more” to tackle cyber threat

The UK’s top companies are not considering cyber risks in their decision-making processes, a new survey has revealed.

The Department for Business, Innovation & Skills’ survey of FTSE 350 companies shows that only 14% are regularly considering cyber threats, with a significant number not receiving any intelligence about cyber criminals.

However, 62% of companies think their Board members are taking the cyber risk very seriously, while 60% understand their key information and data assets.

Science minister David Willetts

Science minister David Willetts

Science minister David Willetts commented: “The cyber crime threat facing UK companies is increasing. Many are already taking this extremely seriously, but more still needs to be done. We are working with businesses to encourage them to make cyber security a Board-level responsibility.”

Development of an official ‘cyber standard’

To tackle the growing threat, the Government is working with industry to develop an official ‘cyber standard’ which will help stimulate the adoption of good cyber practices among business.

Backed by industry, the kitemark-style standard will be launched early next year as part of the £860 million cross-Government National Cyber Security Programme.

Willetts added: “The cyber standard will promote excellence in tackling cyber risks, help businesses better understand how to protect themselves and ultimately increase the nation’s collective cyber security.”

BIS’s cyber governance health check was sent to the chairs of the audit committee of the FTSE 350 companies in August 2013 via the six largest audit firms.

Each company which completed the survey will be offered follow-up advice from one of the firms based on their responses.

The anonymous results, published today by BIS, also show:

•25% of companies considered cyber a top risk
•39% had used the Government’s 10 steps of cyber security guidance
•56% have cyber on the risk register
•17% have clearly set what they see as an acceptable level of cyber risk

Leave a comment

Filed under IFSECGlobal.com News