Monthly Archives: December 2016

Is the UK ready for an upgrade? The National Cyber Security Strategy and Business

Cyber Security

The UK Government has announced nearly £2bn to upgrade Britain’s cyber security defences. The National Cyber Security Strategy seeks to make the UK the “safest place in the world to do business,” by protecting critical digital infrastructure in a world increasingly at the mercy of hackers, both state-sponsored and anonymous collectives.

“Our new strategy, underpinned by £1.9 billion of support over five years and excellent partnerships with industry and academia, will allow us to take even greater steps to defend ourselves in cyber-space and to strike back when we are attacked,” the Chancellor Philip Hammond said.

This comes on top of £265 million already earmarked for cybersecurity vulnerabilities just at the MoD. The strategy is a welcome recognition that interconnected networks are increasingly vulnerable, and new efforts are needed to ensure a strong, secure digital economy.

The announcement of the strategy comes a year after the government first started to seriously talk about national cyber security defence. “No longer the stuff of spy thrillers and action moves” declared Ben Gummer, the Cabinet Office Minister; “tech is the future of the UK economy” the Chancellor announced. Thankfully, Whitehall has finally installed a much needed upgrade; tech is not the future of the economy, it is the reality. Neither is cyber security a movie plot, it’s one of the most serious threats facing British business today.

A large scale cyber attack on any part of Britain’s digital infrastructure would be catastrophic.

Lockheed Martin simulated the effect of a cyber attack on the power distribution network in South-East England. Rouge hardware is installed in 65 vulnerable substations, quickly triggering rolling blackouts across the region in winter, shutting down London, with the impacts spreading out to all parts of the country.

In the best case scenario, full power is restored only after three weeks, in the worst case its three months. The economic impact on the country could reach up to £500bn, or 2.3% of GDP. In the immediate term, 9 million people lose power, 1 million train journeys and 150,000 flights have to be cancelled every day. Financial services, retail, real estate, and professional service industries are the most affected, losing billions of pounds and setting back growth for years.

But cyber attacks are not some future ‘what-if’, they are hitting UK plc now. A study by Oxford Economics found that 60% of businesses had experienced a cyber attack in the last 12 months, with the average loss estimated at nearly £3m per attack. Intellectual property loss, compromising commercially sensitive information, and a loss of competitive advantage were the most common results of cyber attacks, resulting in an increased cost of doing business and disrupting long-term investment. Not to mention the danger untrained employees and poor password practices can have in contributing to the threat of a nightmare cyber scenario.

If this is the day to day impact of the current level of cyber attacks against British business, it is a chilling thought to consider the damage a concerted attack would cause if carried out by a sophisticated organisation or nation-state actor. Now more than ever, it should be clear that Western countries are under digital bombardment for the purpose of causing mass disruption. Hacking an election was the latest trick, does business really want to wait and see what the next one will be?

VinciWorks by the numbers: 2016 a year in review

In the waning days of 2016, as we huddled around our board room fireplace with hot chocolate and crumpets, we took some time to reflect on a stellar 2016 and look forward to the incredible new innovations yet to come in the new year.

14 new courses

Traditionally VinciWorks has provided compliance training primarily to the legal sector. We proudly train over 20% of all UK solicitors and work with 60 of the top 100 global law firms.

In 2016 we expanded our corporate offering significantly and created courses that are tailored to many new industries.

This year we introduced the Corporate Compliance Suite, which includes courses on the Bribery Act, money laundering, information security, cyber security, diversity and the Modern Slavery Act. There are sector-specific courses for accountants, corporates, estate agents and financial services firms.

Other new courses

Continue reading

Free Guide to Compliance with the General Data Protection Regulation (GDPR)

GDPR is the most significant change to EU data protection law in 20 years. The law will apply to all businesses with customers in the EU, no matter where in the world they are based, and mandates much stricter data protection rules than ever before.

To avoid breaches, including fines of up to 4% of global revenue, companies must start preparing now.

In advance of our new data protection course, we have written a free, practical guide to compliance with GDPR.

Fill out your details below to gain access to the GDPR compliance guide:

Fill out my online form.

What We Learnt From The Panama Papers

iceland PM resigns over panama papers

Iceland’s prime minister resigns in response to the controversy over his offshore holdings, exposed by the Panama Papers.

A cyber security breach of major magnitude was reported in April 2016 and involved Panamanian law firm Mossack Fonseca. The breach revealed information including millions of documents and emails with data about the firm’s clients, both individuals and companies.

It is still unclear whether the attacker is an insider with access to the firm’s systems or an entity from the outside.

Another possibility is that the breach was less of a sophisticated attack but rather the result of out-of-date security and inferior cyber security measures at the firm. Continue reading