CSM 2024: Worrying statistics reveal how lax organisations are with cyber security

As we approach Cyber Security Month 2024, it's crucial for organisations to gear up for heightened awareness and training campaigns. This is a prime opportunity to emphasise key security messages and foster a security-first mindset that extends beyond October.

When you hear that only 49% of medium businesses and 36% of high-income charities have a formal cyber security strategy in place and only two-fifths of businesses (18%) and charities (17%) overall have provided some form of staff awareness training – we have to ask, how seriously do organisations take cyber security threats? And what can working with TSC do for your cyber threat resilience?

Why Cyber Security Month matters?

Cyber Security Month is more than just a month-long campaign; it's a critical period to galvanise your organisation's security posture. Failing to capitalise on this momentum can result in missed opportunities for lasting behavioural change. With cybercriminals constantly probing for vulnerabilities, maintaining robust security awareness and practices year-round is non-negotiable.

Overlooking this period means missing out on heightened awareness and momentum that can lead to lasting behavioural change within your organisation. In fact, 50% of UK businesses have a basic skills gap, including technical skills, incident response, and governance skills needed to manage their cyber security. In a third of large businesses, it is either the IT director (12%) or an IT manager, technician, or administrator (20%) who is responsible for cyber security, often neglecting security awareness and training.

TSC's comprehensive security awareness solutions

We understand the dynamic landscape of cyber threats and the necessity of a proactive approach to security.

Our solutions are designed to inspire behavioural change and protect organisations from unintentional human errors. Here's how we can help you make the most of Cyber Security Month 2024:

1. Awareness: Elevate your communication strategies with engaging content such as blogs, articles, posters, intranet resources, GIFs, animations, and leaflets.
2. Knowledge & Skills Development: Boost your team's skills with our eLearning courses, interactive games, training sessions, webinars, and animated infographics.
3. Behaviour Change: Implement our competency frameworks, champions programs, manager masterclasses, and interactive team activities to drive real change.
4. Developing Cultural Security: Conduct thorough security awareness and behaviour research surveys, engage your board, and develop strategic 3-year communication plans.

Focus areas for Cyber Security Month 2024

This year's theme, you should focus on simple yet effective ways to safeguard against online threats, such as:

• Use strong passwords and a password manager
• Turn on multifactor authentication
• Recognise and report phishing
• Update and patch software regularly (The number of businesses with patch management policies, for applying security updates within 14 days of release, has decreased from 39% in 2022 to 31% in 2023.)

On top of this, TSC would like to highlight several critical threats for 2024 that you may not be concerned about but definitely should be:

• AI and ML in cyber security: While AI and ML enhance threat detection, they also empower cybercriminals. Our training helps your team stay ahead of these evolving threats.
• Ransomware attacks: With a rise in ransomware targeting critical infrastructure, our programs equip your employees with the knowledge to counteract these attacks.
• Supply chain security: Address vulnerabilities within third-party vendors and partners to prevent data breaches and maintain a secure supply chain.
• Remote work security: As remote work persists, our strategies help mitigate the unique security challenges it presents.
• Remote/mobile security: The prolonged prevalence of remote work in 2024 has significantly altered the cyber security landscape, amplifying existing challenges and introducing new vulnerabilities for organisations to contend with. From phishing scams targeting remote employees to vulnerabilities in remote access tools and cloud services, organisations face a myriad of cyber security threats in the remote work era.

The TSC advantage

Partnering with TSC means you leverage the expertise of our cyber security and legislation experts. Our team stays abreast of ever-changing regulations and works closely with CISOs, DPOs, and security professionals to address specific gaps in employee behaviour and security.

Around seven in ten businesses (71%) and six in ten charities (62%) report that cyber security is a high priority for their senior management. However, only 30% of businesses and 19% of charities have used specific tools designed for security monitoring. Furthermore, only 51% of medium-sized and 63% of large businesses have undertaken cyber security-related risk assessments. These statistics underscore the importance of comprehensive security awareness and training initiatives, especially during Cyber Security Month.

Make Cyber Security Month 2024 count

Utilise Cyber Security Month to its fullest by engaging with TSC's tailored security awareness solutions. Our programs are designed to meet your unique needs, ensuring your team is prepared and vigilant against threats.

Don’t wait until it’s too late—start your journey towards a resilient and strong security culture today.