<img src="https://certify.alexametrics.com/atrk.gif?account=b2hlr1ah9W20em" style="display:none" height="1" width="1" alt="">
    Login
    Get started

    100 million local government cyber attacks but still no training?

    Published on 05 Mar 2018 by Lynne Callister

    AdobeStock_126571104_8x4.jpg

    There have been almost 100 million cyber attacks on UK local government over the last four years, with around 1 in 4 local authority systems being breached - some more than once. Of those breached, more than half (56%) had failed to report it.

    These are the stark findings made by privacy group Big Brother Watch, after a series of Freedom of Information requests.

    • Councils estimated that they had dealt with 98 million cyber attacks between 2013 and 2017 (malicious attempts to damage, disrupt or gain unauthorised access to computer systems or devices)
    • The most common forms of attack were malware and email phishing, with ransomware attacks also a growing threat
    • Gloucester City Council was fined £100k by the ICO after the Heartbleed software flaw exposed employees' special category data.

    Yet, most local authorities (75%) don't provide compulsory cyber security training, and 16% have no training at all.

    Follow these guidelines to protect your company from the threat of cyber attacks:

    1. Appoint IT guardians or mentors - who can act as a conduit between various business functions and IT and who can offer informal advice.
    2. Train your team to look for common red flags - for example, a generic salutation (Dear Customer), poor quality logos, spelling mistakes, time pressure, fake domain names, mismatched sender details, etc.
    3. Establish clear protocols - for communicating and sharing information with new clients and suppliers. Insist on direct contact via named personnel or codewords for major changes in terms, payments, etc.
    4. Take extra care - especially if you are in a senior position or your name is in the public domain as you may be more vulnerable to impersonation. If you hold a senior position or are authorised to initiate payments, agree ground rules with your team - eg, to always make direct personal contact by phone, codewords, etc.
    5. Introduce dual authorisation - insist on PO numbers for all large payments to combat CEO fraud
    6. Be proactive - get advice on buying up similar domain names to reduce the chance of customers, suppliers or your team being duped.

    Want to know more about GDPR?

    As well as 30+ free compliance training aids, we regularly publish informative GDPR blogs. And, if you're looking for a training solution, why not visit our GDPR course library.

    If you've any further questions or concerns about GDPR, just leave us a comment below this blog. We are happy to help!

    Leave a comment

    Tick

    Free Trial: Compliance Essentials

    Skillcast Essentials is our best-selling library and there's a reason for that. Essentials library provides comprehensive coverage of the key compliance / conduct issues that companies in the UK face today.

    Request now

    Transparency International & Skillcast Relaunch Anti-Bribery Training

    Transparency International (UK) have partnered with Skillcast to develop free anti-bribery training resources, including a refreshed version of the acclaimed 'Doing Business Without Bribery' ...

    Read More
    5 Steps You Should Take To Avoid Facilitating Tax Evasion

    Even if a company has no knowledge of its employee or associated person facilitating tax evasion, they could still be held liable for 'failure to prevent' the offence. The UK Government introduced ...

    Read More
    10 Things You Should Do To Improve Risk Management At Work

    Whether it's catching the train to work, crossing the road, investing in financial products, or making dietary choices, life is full of risk. You can't remove it, but you can contain or mitigate it.  ...

    Read More
    Skillcast at World of Learning 2019

    Skillcast are hosting a 30-minute seminar at World of Learning (#WOL19) the UK’s most comprehensive event for all aspects of learning and development. About World of Learning 2019 Showcasing a ...

    Read More