Research reveals UK industry sectors most vulnerable to cyber-attacks

A new research report reveals how technology decision makers at UK Businesses are prioritising cyber security to ensure business continuity and growth.

A new research report reveals how technology decision makers at UK Businesses are prioritising cyber security to ensure business continuity and growth.

The report also highlights newer technologies such as robotics and AI that businesses plan to adopt, how they are using technology to power remote workforces and what technologies they are adopting for growth.

The vast majority of UK Businesses (81%) confirmed that they had suffered a data breach or cyber-attack, with a considerable two in five (37%) admitting they had suffered multiple breaches.

Industry verticals had a significant bearing here, with the hospitality, healthcare, and legal industries topping the list of those suffering multiple attacks.

The top six verticals where respondents had more than one breach, by vertical:

One respondent said their Business suffered at least eight attacks.

Reasons to attack key industries

Hospitality

The hospitality industry is becoming increasingly prone to cyber-attacks because it holds a host of personal and financial information on its guests, as well as other sensitive data, such as payment card information.

Internal audits have an important role to play by critically evaluating the cyber footprint of their organisations.With a hotel Wi-Fi being a public access network and with staff computers allowing access to the cloud database, the concerns about cyber safety in the hospitality industry are definitely not something to take for granted.

In the high-profile Marriott cyber-attack, nearly 400 million customer records were breached. These include 9.1 million encrypted credit card numbers, over 23 million encrypted and unencrypted passport numbers, together with names, addresses, phone numbers and emails. Marriott failed to protect its customers’ data. This has resulted in the company being faced with the cost of restoring its systems, being subject to regulatory fines and class-action litigation. Perhaps most damaging of all is the substantial damage to hotels brand reputation.

Healthcare

Public sector healthcare providers are particularly susceptible to supply chain attacks that exploit the chain of trust, targeting the valuable personal data which healthcare providers store and process. Suppliers can be seen as more vulnerable and an easier route for attackers to gain access to a more lucrative target. Hospitals store an incredible amount of valuable, confidential patient data which hackers can sell on easily – making any supplier to the industry a target.

Legal 

The legal sector is particularly vulnerable to cyber-attacks due to the volume of data, sensitive information, financial responsibility and authority held. If a law firm specialises in corporate or property law, they are at increased risk, as the potential for financial gain is greater. Although the main reason law firms are targeted is for financial gain, there is also a growth in bad actors using cyber-attacks to achieve political, economic or ideological goals.

HR & Recruitment

Payroll fraud, recruitment scams, corporate espionage – cyber-attackers have found numerous routes into organisations via HR. Any identifiable information is valuable to criminals, and payroll and other HR systems are a treasure trove of names, addresses and bank details. If this is compromised, not only can it affect individual employees, it also gives attackers more ammunition with which to increase the likelihood of a successful attack on other parts of the business.

Additionally, recruitment agencies are prime targets for malware. If hit by a data breach, employment agreements and sensitive documents such as passport scans and visa details are all left exposed.

Manufacturing 

The manufacturing sector, which includes automotive, electronics, and pharmaceutical companies, has always been a vulnerable industry when it comes to cyber-crime and security breaches. This is because intellectual property is incredibly valuable, and often manufacturing firms rely on highly specific software packages that are difficult to patch against recent exploits, making them highly vulnerable to attack.

Financial 

The threats facing organisations working directly and indirectly with the finance sector go far beyond simple theft. Cyber threats facing banks, insurance companies, asset managers and similar organisations range from basic consumer-grade malware all the way up to highly targeted attacks from organised criminals and state-sponsored actors. Financial service providers are a hacker’s favourite, given the nature of the private information held by those organisations.

Managing Director of Cirrus Technology Solutions, Anito Lauriello “Most SME’s do not understand what a Cyber Attack is let alone appreciate it’s potential consequences for their business.  The terrible truth is small businesses believe it won’t happen to them and as a result they make no effort to understand the issues or put measures in place to prevent an attack.  Also remember  most attacks originate from within the company meaning most of the time prevention is completely within their control”

In the unfortunate event of a cyber intrusion, it is important that you know what steps to take in order to fix the current issue, and make sure that it doesn’t happen again. In these instances, how you respond to the problem can mean life or death to your company. When secure information becomes accessible to others online, it can create long-term issues for both financial and information security.
Cirrus Technology Solutions help not only avoid malware attacks, but they can also help solve issues that have occurred because of malware attacks. IT services have access to programs and technology that will expose the threat and find the best timely response to ensure that your company’s safety is the top priority.
Sometimes despite your best efforts to hire qualified staff, they just cannot compare to the efficiency that an IT managed service can provide. Having not just one, but a team of professionals to ensure your company’s security is an added benefit of IT services that no single employee can substitute.