Risk management: the UK Home Office launches a new £4 million information security awareness campaign

The UK Home Office has launched a new £4 million information security awareness campaign, designed to educate businesses and consumers about rising hacker threats and network vulnerabilities. The first stages of this new campaign will begin in the autumn, and will sit alongside other more-established information security initiatives like Get Safe Online, and form part of the broader government National Cyber Security Programme.

The news of the initiative comes as the Home Office has released figures suggesting that the number of crimes committed against UK businesses has surprisingly dropped from 21.5 million in 2002 to 7 million in 2012 as part of a report entitled ‘Crime against businesses: detailed findings from the 2012 Commercial Victimisation Survey. However, it’s important to note that these figures do not take into account cyber-crime figures. An earlier report,the 2013 Information Security Breaches Survey, commissioned by the Department for Business, Innovation and Skills,found that there was a growing trend in the average number of security breaches UK firms are experiencing, which is costing enterprise anything between £35,000 and £1 million. It recommended that all business should make better efforts to manage these risks and regularly carry out vulnerabilities assessments and penetration testing to make their systems more robust and secure.

The latest security awareness campaign has met with mixed responses. Some believe it will muddy the waters even further and yet another initiative will simply add to the confusion over risk management: others have been more positive and broadly welcomed the new initiative.

Graeme Stewart, director of public sector strategy at McAfee, called for a consolidation of security training initiatives. He told the Register:

“McAfee applauds the UK Home Office initiative to raise awareness of the seriousness and impact of cyber threat to UK businesses and citizens.” There are now a number of initiatives spread across HMG and, for our part, we’d like to see a single coordinated campaign that explains the dangers in a straightforward way to board members and directors of organisations both large and small.”

“For the Government’s digital transformation programmes to be successful, UK citizens need to take a certain level of responsibility for their own online safety in order for them to take full advantage of the ‘Digital by Default’ mantra currently in play across UK public sector,” he added.

However Mark James, the technical director ESET UK, welcomed the focus of the awareness training on small business, a sector that’s often overlooked in security awareness programs. He told the Register:

“SMEs form the backbone of the UK economy and without the resources always available to larger enterprises basic cracks in security measures can appear. When breaches in security can cripple a company in terms of both financial and reputational damage, it’s encouraging to see the government taking a lead in helping businesses build up resistance to threats by equipping them with the skills and confidence to adequately educate staff on the ways to spot malware and hacker threats.”

If your business needs help with security reviews, penetration testing or web security solutions, please contact Krypsys on 01273 044072 or [email protected].