According to a new report published by the Information Commissioner's Office (ICO), more organisations than ever are experiencing cyber security breaches that put people’s personal information at risk.

The Learning from the Mistakes of Others report has practical advice to help organisations to understand common security failures and take simple steps to improve their own security, preventing future data breaches before they can happen.

It analyses the data breach reports it has received and shares lessons that can be learnt from common security mistakes.

Over 3000 cyber breaches were reported to the ICO in 2023, with the finance (22%), retail (18%) and education (11%) sectors reporting the most incidents. In one example, a simple phishing email to a construction company compromised the personal information of over 100,000 people.

What should I do to prepare for any subject access requests that I might receive?

Get instant, expert answers to your HR questions...

Ask Brainbox

0800 158 2313Speak to an expert 24/7

The ICO’s Deputy Commissioner — Regulatory Supervision, Stephen Bonner, said: “People need to feel confident that organisations are doing as much as they possibly can to keep their personal information secure. While cyber attacks are growing more sophisticated, we find that many organisations are not responding accordingly and are still neglecting the very foundations of cyber security.”

Leading causes of cyber security breaches

The report focuses on:

• phishing — where scam messages trick the user and persuade people to share passwords or accidentally download malware

• brute force attacks — where criminals use trial and error to guess username and password combinations, or encryption keys

• denial of service — where criminals aim to stop the normal functioning of a website or computer network by overloading it

• errors — where security settings are misconfigured, including being poorly implemented, not maintained and/or left on default settings

• supply chain attacks — where products, services or technology being used are compromised and then used to infiltrate the systems.

Visit BrAInbox today where you can find answers to questions like

Loading content...

Data protection watchdog warns of growing threat of cyber attacks

What should I do to prepare for any subject access requests that I might receive?

Leading causes of cyber security breaches

Related articles

What should I do to prepare for any subject access requests that I might receive?

Leading causes of cyber security breaches