GOV UK urges tough cyber protection
 

As the UK Government publishes its new cyber governance code for businesses to help directors and business leaders to reduce risks associated with business software and encourage firms to equip employees with adequate skills and awareness of cyber issues so they can work alongside new technologies with confidence, we ask Nial McConachie, Regional Director (UK & Ireland), Yubico (www.yubico.com) how improving business-wide security has become a strategic imperative:

“The new government guidelines highlight the strategic importance of cyber resilience within businesses.  With cyberattacks like phishing not only on the rise, but also more sophisticated, it is essential for those in management and executive positions to prioritize, implement, and enforce modern cybersecurity initiatives.  Failure to do so may put them at risk of data breaches that lead to both reputational and financial damage.”

“While the guidance comes in light of rising cyberattacks amongst organizations, it fails to mention the prevalence of phishing as one of the most common forms of attack.  According to a recent Yubico survey (www.yubico.com/resource/state-of-global-enterprise-authentication-survey-uk) many UK respondents have fallen victim to a phishing attack within a 12-month period; the research found 16% of respondents received an email asking for their organization’s information to verify account credentials, and 13% received an email from a familiar company asking for their organization’s data.”

“Despite the frequency of phishing attacks, currently, only 24% of business owners and less than half (43%) of directors frequently discuss the importance of cybersecurity and how to best protect their employees.  So, it’s promising to see that, along with the new guidelines, the UK government is working to provide cyber security training for professionals.  Cyber security awareness should no longer be reserved for the IT team – it is essential training for all employees and should be at the top of mind for everyone, especially executives who make decisions about day-to-day company operations.”

“With technology constantly evolving and bad actors adapting their techniques, senior staff must regularly discuss modern cyber threats and prevention methods and move towards implementing robust cybersecurity practices and solutions that make their business resistant to phishing attacks.  As most individuals and businesses are expected to encounter an increased amount of phishing attacks in 2024, phishing-resistant MFA tools like physical security keys will become critical, if not mandatory, within the near future.”