The Information Commissioner’s Office reported over 3,000 cyber breaches, with the finance, retail, and education sectors being hit hardest
Businesses have been put on notice by the data watchdog to do more to fight cyber threats.
The Information Commissioner’s Office (ICO) has sounded the alarm, stating that organisations must bolster their cybersecurity measures to safeguard personal data amidst an escalating wave of cyber attacks. The ICO has revealed alarming statistics from its records, indicating that more companies than ever are falling victim to cyber breaches, prompting the regulator to issue guidance on common security blunders.
The ICO reported over 3,000 cyber breaches, with the finance, retail, and education sectors being hit hardest. The call to action from the ICO follows a serious cyber incident at the Ministry of Defence, where hackers infiltrated a third-party payroll system containing sensitive information such as names, bank details, and some addresses of military personnel and recent veterans.
The ICO emphasised the critical need for businesses to implement “foundational controls” to fend off cyber attacks. Stephen Bonner, the ICO’s deputy commissioner for regulatory supervision, said: “People need to feel confident that organisations are doing as much as they possibly can to keep their personal information secure.”
Mr Bonner highlighted a concerning gap, pointing out that despite the increasing complexity of cyber attacks, many organisations are failing to adapt and are overlooking basic cybersecurity measures. “As the data protection regulator, we want to support and empower organisations to get this right.
He added: “While there is no single solution to prevent cyber attacks, there is absolutely no excuse for not having the foundational controls in place. These are essential to protecting people’s personal information and we will take action, including fines, against organisations that are still not taking simple steps to secure their systems.”
“If you do experience a cyber attack, we always encourage transparency as your mistakes could help another organisation to avoid a similar breach.” The ICO has issued a new report entitled Learning From The Mistakes Of Others. It provides firms with guidance on how to recognise common security failures and to improve their own security measures.
Notably, the report outlines what the ICO believes are the top five causes of cybersecurity breaches: phishing scams, brute force attacks (where hackers employ trial and error to decipher log-in details), denial of service attacks (where hackers overwhelm a site with traffic to knock it offline), errors in security settings, and supply chain attacks.
