The Department for Digital, Culture, Media and Sport (DCMS) has published official statistics from the Cyber Security Breaches Survey 2022.
Among those surveyed who identified any breaches or attacks, around half of businesses (49%) and almost half of charities (44%) say this happens once a month or more. Around three in ten businesses (31%) and a quarter of charities (26%) say they experience breaches or attacks at least once a week.
There have also been a number of recent media stories regarding the heightened risk of cyberattacks on IT systems. They mention that between July and December last year the Information Commissioner’s Office recorded 1,345 “cybersecurity incidents”, which included assailants’ demanding payment to decrypt a target’s computer, and phishing attacks where the victim is tricked into downloading malware or handing over their login details. This represents an increase of nearly 20% in the same period in 2019.
- The three Russian cyber-attacks the West fears the most – bbc.co.uk
- UK data watchdog urges vigilance amid heightened cyber threat – guardian.com
- Government security centre warns colleges of ‘spike’ in cyber attacks – feweek.co.uk
- Cyberattacks see 114% Increase in the last 2 years on Education Sector before Back-to-School – feweek.co.uk
The National Cyber Security Centre (NCSC) in the UK has published several advisories regarding the increased threat and steps that organisations can take to ensure defences are appropriate. We strongly recommend Centres ensure that sufficient safeguards are in place to prevent a cyberattack and consider the preventative steps outlined in the guidance.
Raising cybersecurity awareness
The past few years have seen both a change and an increase in the way we use online technology. Working and learning from home means sending emails, sharing data, creating passwords, accessing websites, and downloading apps and software to make our lives easier. These activities are now ingrained in our everyday lives but it’s crucial that awareness of potential cyberattacks isn’t dulled by this routine. You may want to consider teaching cybersecurity to everyone within your organisation (staff and learners) to ensure knowledge is implemented, helping to prevent breaches and help everyone remain vigilant.
Using qualifications to do this is a way of ensuring consistency across your delivery and provides evidence of the knowledge gained.
Benefits of these qualifications, which centres are using as the new eSafety qualification, include:
- fully funded (subject to learner eligibility)
- no final external assessment – achievement marked through a portfolio of evidence
- achievement of regulated standalone qualification
- opportunity to embed into the curriculum in different ways
- covers a key topical issue relevant to the current day
If you would like to find out more about our Cybersecurity qualifications, speak to the Business Development team by calling 01206 911 240, or contact us online.
Notify us of any cyberattacks
We would also like to take this opportunity to remind our Centres that under the Centre Agreement, both parties must notify each other within 24 hours of any cyberattack experienced. This is particularly important when there is any risk of personal data or system access being compromised. As joint data controllers, this reciprocity protects both parties and ensures we work together towards a resolution that does not adversely affect learners.
*originally published 30th March 2022, updated to include FE Week article