2017 is the year in which cyber security didn’t just dip its toe into the mainstream, but it made its entrance into the pool of thought with a double tuck belly splash off the high dive. Organisations have finally woken up to the fact that security must be in place as the recovery costs from phishing attacks, ransomware infections or data breaches are of high cost.
So as the security systems around the world appear to be held together by chewing gum and plasters, let’s look back at the past year from an infosecurity news and Bob’s Business standpoint with 2017: In Review.
What has gone on at Bob’s Business?
Let’s start with the good news!
Over the past 12 months, Bob’s Business has seen extensive changes in its size and structure with a number of significant moments that summarise the year perfectly.
Bob’s Business has undergone rapid expansion with 12 new members of staff across all departments, the opening of a new office in Huddersfield, as well as the forming of a new Phishing and Sales department with the aim of delivering more comprehensive Think Before You Click campaigns and maximising our client conversion potential.
Throughout 2017 we exhibited at numerous locations including; Liverpool, London, Leeds, York, Reading, Malvern, whilst clocking up the air miles, exhibiting in Latvia during October.
Next year you will hear plenty about GDPR if you haven’t already, the new EU legislation that will be replacing the Data Protection Act 1998 on the 25th May 2018.
Bob spent the year developing a new series of GDPR modules which will be released at the start of 2018 with the aim of providing the most comprehensive staff introduction that look at the changes, the impacts and roles and responsibilities of all your employees.
2017 was our strongest year yet and we have set ambitious targets to make next year even better. 2018 is going to be an exciting year for Bob’s Business.
Who we’ve helped
2017 proved to be a hugely successful year for Bob’s Business and our clients – we are immensely proud of the work we have done and the success stories that we have helped create.
By using Bob’s Business cyber security awareness training, our clients were able to gain ISO 27001 accreditations.
This year we developed bespoke modules for Co-op, Martin-Baker and Dog’s Trust to provide that extra layer of e learning that is specifically tailored to their policies and procedures. In doing so, we have been able to educate over 100,000 users with bespoke training that was of vital importance to these organisations.
Security Stories that made headlines in 2017
Infosec has gone mainstream this year and we can guarantee that this will only continue throughout 2018.
Now for the bad news… it’s not for the right reasons!
In May, the NHS was attacked by the malware strain WannaCry which brought down the health service. Windows XP machines connected to the internet of things (IoT) were infected leading to operations being cancelled and leaving entire systems down. This was followed rather quickly by Petya, another ransomware which hit organisations such as DLA Piper.
As the country watched one of the UK’s most respected institutions fall victim to a cyber attack, this proved to be a wakeup call for organisations as they realised the importance of securing systems, putting in procedures and most importantly empowering their staff by offering them training that not only works for the organisation’s needs, but for their employees too.
You can read about the NHS’s breach origins and effects in our blog post here.
Breach after breach after breach has torn down the reputations of some rather large organisations and lifted the veil that shielded them, tearing down the facade that they were secure. That said, it’s not just the cyber attacks themselves that create headlines; the manner in which an organisation deals with an attack can create much harder hitting news stories…
Uber is the most recent example of this, covering up of a gigantic data breach affecting 57 million customers (including 600,000 Uber drivers) for over a year and then paying off hackers to keep silent. This will undoubtedly affect the organisation for a number of years, it is likely to have detrimental implications for their brand image and reputation. Read our post on what we can learn from the Uber post-breach response here.
If we take a trip across the pond, Equifax, an American credit bureau, was hacked revealing credit card and social security numbers, date of births and addresses with almost half the US population affected. In one of the worst post-breach PR disasters in recent times, before notifying the public three board members sold shares in the company worth $1.8m which no doubt rubbed 143 million individuals who had sensitive information stolen the wrong way.
Car insurance and breakdown provider AA had a breakdown of their own during 2017 and would have been wishing one of their competitors provided cyber security insurance. The motoring group left 13GB of customer data exposed and at risk for several days throughout April. The AA stated that the data was not sensitive, however over 117,000 unique email addresses, credit card types, and final four digits of credit cards were left unprotected.
The AA initially denied that credit card information was left at risk as part of the breach, however they later admitted that the data breach “should have been handled better” acknowledging that credit card information was actually left at risk.
So what a year 2017 has been…
Bob Business has been working hard to create more secure working cultures, yet as witnessed throughout 2017, cyber security is becoming a much greater issue. Cyber criminals are finding new and more advanced tools to attack IT users, consequently increasing the vulnerability of sensitive data for both individuals and organisations.
Want to stay ahead of the game?
Take a read of our 2018 trends blog to find out what is in store for the Infosec industry throughout 2018 and the impacts it could have on you.