Data protection watchdog warns of growing threat of cyber attacks

  • Data Protection
data protection

Peninsula Team,

(Last updated )

According to a new report published by the Information Commissioner's Office (ICO), more organisations than ever are experiencing cyber security breaches that put people’s personal information at risk.

The Learning from the Mistakes of Others report has practical advice to help organisations to understand common security failures and take simple steps to improve their own security, preventing future data breaches before they can happen.

It analyses the data breach reports it has received and shares lessons that can be learnt from common security mistakes.

Over 3000 cyber breaches were reported to the ICO in 2023, with the finance (22%), retail (18%) and education (11%) sectors reporting the most incidents. In one example, a simple phishing email to a construction company compromised the personal information of over 100,000 people.

What should I do to prepare for any subject access requests that I might receive?

Get instant, expert answers to your HR questions...

Ask Brainbox
0800 158 2313Speak to an expert 24/7

The ICO’s Deputy Commissioner — Regulatory Supervision, Stephen Bonner, said: “People need to feel confident that organisations are doing as much as they possibly can to keep their personal information secure. While cyber attacks are growing more sophisticated, we find that many organisations are not responding accordingly and are still neglecting the very foundations of cyber security.”

The report focuses on:

•           phishing — where scam messages trick the user and persuade people to share passwords or accidentally download malware

•           brute force attacks — where criminals use trial and error to guess username and password combinations, or encryption keys

•           denial of service — where criminals aim to stop the normal functioning of a website or computer network by overloading it

•           errors — where security settings are misconfigured, including being poorly implemented, not maintained and/or left on default settings

•           supply chain attacks — where products, services or technology being used are compromised and then used to infiltrate the systems.

Visit BrAInbox today where you can find answers to questions like Do I need to do anything before I start monitoring staff?

Related articles

  • employment rights bill

    Blog

    Still no resolution on unfair dismissal rights under the Employment Rights Bill

    The stalemate continues: the question of whether qualifying service for unfair dismissal rights should be removed entirely or reduced to six months by the Employment Rights Bill was once again before the House of Commons today, and once again the Government has dug in its heels.

    Peninsula Logo
    Peninsula Team Peninsula Team
    • Employment Rights Bill
  • early conciliation

    Blog

    Early conciliation period to be extended

    Regulations have been laid before Parliament that will extend the time an employer and employee has to attempt to settle a dispute through Acas before proceeding to the employment tribunal (ET).

    Peninsula Logo
    Peninsula Team Peninsula Team
    • Employment Law
  • Employment Rights Bill

    Blog

    Government launches four Employment Rights Bill consultations

    The Government has begun four new consultation exercises on key legal updates contained in the Employment Rights Bill. Despite the Bill still not having received Royal Assent, the Government appear to be keen to push on with defining the shape of the new employment rights provided for in it.

    Peninsula Logo
    Peninsula Team Peninsula Team
    • Employment Rights Bill

Try Brainbox for free today

When AI meets 40 years of Peninsula expertise... you get instant, expert answers to your HR and health & safety questions

Ask a question now
0800 158 2313Speak to an expert 24/7