In 2020, GOV.UK reported 46% of all businesses and charities experienced a cyber attack. This figure is increasing worldwide year upon year, highlighting the significance of businesses investing in cyber security.
The increase in cyber attacks is attributed to a few aspects; the most predominant being our shift in working culture. Over the course of the pandemic, a significant proportion of companies have turned to homeworking. It seems this shift is here to stay, as 70% of the workforce is predicted to work remotely for at least a few days a month by 2025. Normally internal office systems are set up to automatically mitigate attacks with controlled environments, firewalls, blacklisted IP addresses, and the possibility of increased monitoring helps to protect data. Working from home removes some of these benefits and opens companies up to threats.
In the past year alone, 100 businesses have signed up to TryHackMe services. We also have over 700,000 registered users, and educate and prepare users for careers in cyber security. All businesses need to be aware of their cyber security landscape, and we’re here to make that as accessible and fun for your team as possible.
The cost of not investing in Cyber Security
To justify the investment in cyber security teams it makes sense to discuss the cost of not doing so. A cyber attack can completely inhibit your business. Barriers to accessing your own system networks and data require disaster recovery before you can continue running your business. This costs time, money, and can significantly worsen your consumer trust. Therefore it is absolutely vital to invest in the right infrastructure and teams to help protect you from attacks.
Costs of not investing:
1 - EU-GDPR
This legal framework is in place to protect personal data. It is your responsibility as a company to protect all held personal information from your stakeholders. A breach spanning from poor data protection can cause your business to face legal issues - which are costly and potentially brand damaging. The UK GDPR and DPA 2018 set a maximum fine of 17.5 million GBP or 4% of annual turnover - whichever comes first. Depending on where the company is headquartered in the world however, this can grow astronomically. In 2021, Amazon was fined the equivalent of 636 million GBP from officials in Luxembourg; around 869 million USD.
2 - Customer trust
Customers need to feel safe using your services - whatever industry you are in. Gaining trust is a time consuming and difficult process to undertake, and a breach in your network can destroy this in a matter of minutes.
3 - Getting your data back
Many cyber attacks are launched for financial gain - where ransoms are required for businesses to re-access data or have viruses wiped. In 2020, 33% of companies reported paying their ransoms, amounting to the cost of millions. 22% of these companies never got access to their data back, and 9% were hit with additional ransomware attacks.
4 - Disaster recovery
There is also a cost in getting your company back up and running again. From the vulnerable point of breach, companies need to undertake adequate security measures and hire the appropriate team members for continued protection.
Other costs include the potential for increased security premiums, operational disruption, contract revenue and intellectual property losses. For all of these reasons, investing in cyber security teams through proactive investment is far more beneficial to your business than being reactive - when you are forced to invest.
What businesses need to invest in cyber security?
All businesses are vulnerable to cyber attacks. In 2020, 55% of ransomware attacks targeted businesses with fewer than 100 employees. The largest cyber attacks in history have cost bigger businesses billions; with the most expensive recorded attack in history being Epsilon - at just under 3 billion GBP, or 4 billion USD.
The most targeted industries for attacks include healthcare, government agencies, financial institutions, education, and utility companies. In a nutshell, no single industry is safe, and all businesses should look into investing in cyber security teams.
Investing in teams
Before looking into team development there are some tips you can adopt to protect your data. These include limiting access to your data - ensuring information available to employees is relevant to their job role, and no more excess data is shared. Monitoring your networks, keeping systems up to date and storing secure backups are also important.
Whilst vital to adhere to, these tips alone are not enough to entirely protect your business. Cyber criminals are real-world people looking to explore and exploit every vulnerability across your network. Their tools and techniques are ever-growing in complexity, so a team of creative, like-minded people are the best form of defence for your company.
There are varying job roles for cyber security professionals, ranging from CISOs, (Chief Information Security Officers,) to analysts, developers, and ethical hackers. These people specialise in different areas of cyber security and work together to form a strong force to protect your company.
How TryHackMe can develop your team
It’s simple to warrant hiring cyber security teams - the need is indisputable. However often the real question is how to go about this - roles to hire and how to keep your team up to date with training, ensuring everyone is performing well.
Here at TryHackMe, we like to make training as accessible and affordable as possible. We already help over a hundred companies stay up-to-date with training, by offering adaptable pathways and courses for a variety of job roles and skill levels.
There are a few platforms offering Cyber Security training, but let’s discuss why we can bring the most benefit to your team.
- Expert Content - We pride ourselves on our consistent quality with easy-to-learn pathways. We have a team of over 20 cyber security professionals creating courses actionable in the real world, by monitoring the cyber security landscape and keeping on top of all cyber security advancements. Our content is tailored to all skill sets from the complete beginner to the seasoned hacker, with over 400 offensive and defensive training labs to choose from.
- On-Demand & Hands-on - Not everyone learns the same. We know this first hand, so have created learning pathways that incorporate real-world interactive learning (where users can hack machines,) lesson-based learning, and games-based learning.
- Team Building - We believe teamwork is incredibly useful for education and morale. Your team can play our original hacking game, King of the Hill together privately and remotely. Players aim to compromise a machine and then patch its vulnerabilities to stop other players from gaining access.
- Customisable and Personalised Training - We are adaptable. We know all businesses use differing terminology and tools within cyber security, so you can create branded learning paths that align to skill requirements, and give your teams personalised training.
Request a free TryHackMe trial for your business today!