Latest News

Cyber attacks remain consistent due to improved cyber security but it could be your own employee that’s hacking you from within

Written by Alex Bransome, Chief Information Security Officer (CISO) at Doherty Associates in reaction to the Government’s annual Cyber Security Breaches Survey 2022 covering the period October 2021 to January 2022.

“As cyber postures get stronger, we will likely see the malicious insider attack continue to rise”

The enemy from within – employees bribed by cyber criminals to gain them access to the business network and data”

“The Government’s annual Cyber Security Breaches Survey today confirms that cyber attacksare remaining consistent with 39% of UK businesses identifying an attack in 2021 and 2022, this is down from 46% in 2020 although the report notes that the business sample for the 2022 publication is 12% smaller than the previous year. The survey report also rightly points out that enhanced cyber security leads to higher identification of attacks.

“Thanks to advances in cyber defence technology, cyber awareness, and the mass adoption of multi- factor authentication, cyber postures for businesses and individuals are becoming harder to penetrate through traditional mechanisms such as sending a fraudulent message or malicious link.

“However, as organisations improve their cyberpostures, cyber threat actors will have to think more creatively about ways to gain access and we will likely see a rise in ‘malicious insider’ attacks – cyber criminals engaging and bribing employees, e.g., a disgruntled member of staff, to gain access to the network whether that’s embedding malicious code or providing initial access.

Zero trust and lift and shift to the cloud 

“Businesses should always conduct a full CRB or credit history check on all employees to limit the malicious insider risk and apply zero trust principles in your business where possible, ensuring staff have ‘least privilege’ access, restricting them only to the information they need to do their job. Also, never inherently trust access, always verify for every request.

“Companies with IT systems in the cloud are at an advantage when it comes to implementing zero trust, as the cloudgives greater control and visibility into suspicious and malicious behaviour. For example, if an employee logs in and downloads an unusually high number of SharePoint folders, this is instantly visible and can trigger an anomaly alert, and even actively step in and halt the downloads.

“A zero trust approach combined with a serverless cloud office will protect both your people and your business.

Supply chain risks 

“Alarmingly the number of businesses acting to identify cyber risks every year has declined from 62% in 2019 to 54% in 2022. Organisations should be carrying out cyber risk assessments on their network at least every six months and provide regular comprehensive training for their employees to be cyber aware. This should extend across their supply chain yet as few as 13% of businesses say they’ve assessed the risk posed by their immediate suppliers. Cyber security must be considered an important factor in the procurement process.”