The Cyber Risk
If you’re a small or medium-sized enterprise (SME) then there’s around a 1 in 3 chance that you’ll experience a cyber security breach.
Falling victim to cyber crime can be devastating for your business, and when you consider that SMEs make up 99.9% of Britain’s 5.5 million private sector businesses, it represents a real threat to the whole of the UK economy.
As part of the UK’s National Cyber Security Strategy the Cyber Protect network has been created to help improve the ability for UK PLC to defend itself against cyber attack.
FREE CYBER AWARENESS PRESENTATIONS
The Cyber Protect network exists across the UK and provides FREE cyber awareness sessions to organisations including business, education, public services, local government and the charitable sector*.
Please note: Because of the Covid-19 pandemic, our preference for keeping everyone safe is to deliver these sessions virtually for the timebeing. We can deliver using our MS Teams or Zoom accounts, or join your platform of choice.
For virtual presentations, the limit for MS Teams sessions is 250 attendees, for Zoom it is 100 attendees. The presentation is delivered by fully trained Police Officers and Police Staff from the Cybercrime Unit – for FREE.
Our cyber awareness sessions are approximately 1.5 hours (including questions). From experience, your staff are more likely to learn by engaging them for the benefit of their personal lives, achieving behaviour change and then bringing that benefit back to the workplace. As such, we pitch our sessions for their personal life, with explanation of their role in cybersecurity at work. These sessions are for an everyday user, avoiding jargon where we can and avoiding technical complexity. We cover:
- Current Cyber Threats
- The motivation of cyber criminals
- Data Breaches
- Securing accounts – passwords and 2FA
- Improving our privacy online
- Securing devices
- Public WiFi risks
- Response Planning
- Cyber Drills
- Further learning
Our leadership sessions are approximately 1.5 hours (including questions). They are pitched for company leaders and decision makers and are limited in technical complexity. We cover:
- Current Cyber Threats & Trends
- The motivation of cyber criminals
- How criminals exploit weak passwords
- Data Breaches
- Detecting Suspicious Events
- The importance of 2FA
- Denial of Service attacks
- Supply chain threats
- Internet of Things (IoT) and business
- Industrial Control Systems
- Asset control
- Legacy equipment
- Strategic considerations
- Response Planning
- Cyber Drills
- Staff training
- Further learning
“Jon called to say thank you for saving his company £125,000 through an attempted invoice fraud. Staff were reminded of the event that they had attended 6 months earlier. If they hadn’t gone to the event SEROCU Cyber Protect presented at we would have been stung.”Jon, Sussex
I thought your presentation and communication style was excellent and we really appreciate you supporting us and our clients.Paul, UK Banking sector
“It is important for you to know that your efforts do have a positive effect out here in the business world. I hope you continue the great work you do.”Brian, Sussex
I have had numerous positive comments from the members of staff who attended the CPD session after school. It has certainly given us a lot to think about and some clear action points both in the shorter and longer term.Headteacher P, Sussex
* Audiences: While we would like to be in a position to support all organisations, our team is small and therefore we have to limit our proactive services for businesses to micro-, small- and some medium-enterprises. For medium sized enterprises, availability will depend on turnover and the ability to procure these services privately. Any victim of cybercrime, regardless of size, who reports the incident to Action Fraud is eligible for some Cyber Protect services.
DECISIONS & DISRUPTIONS EXERCISE
This exercise is targeted towards senior decision makers within companies, but it can also be of benefit to other staff with varying levels of technical knowledge. It creates an immersive experience in which participants have to use their problem solving, collaboration, leadership and communication skills.
The exercise takes approximately 1 hour and the target audience is senior leaders and decision makers. The game works best with 7 players.
We are currently offering this as a virtual exercise using breakout rooms to facilitate separate games. We can deliver this on Zoom or MS Teams.
This exercise is FREE and available to the same audiences as our presentations.
Get in Touch
Please contact the relevant Police Cyber Crime Unit direct to access any of the services …
Please be aware that our primary business audience is micro-, small- and some medium-enterprises. For medium sized enterprises, availability will depend on turnover and the ability to procure these services privately.Any victim of cybercrime, regardless of size, who reports the incident to Action Fraud is eligible for some Cyber Protect services.
Cyber Resilience Centre for the South-East
Using a combination of police officers and cyber talent, the Cyber Resilience Centre for the South-East supports and helps protect small business, SMEs and supply chain businesses and third sector organisations in the region against cyber crime.
Covering the areas of Thames Valley, Oxfordshire, Berkshire, Buckinghamshire, West Sussex, East Sussex, Surrey, Hampshire, and the Isle of Wight, they are working with local Universities and the Police forces, which provides them with access to the latest local as well as national information on emerging cyber threats, criminal trends, best practice for cyber resilience and new technology to provide you with timely guidance to prepare and protect your business, staff and clients from cyber criminals.
The Cyber Resilience Centre for the South-East provides affordable cyber security testing and training services, with the opportunity to learn how to procure private sector cyber security products, services, or resources. Whether it’s just a health check for your company or its employees, they can help with whatever your cyber needs.
A trusted resource, they are also a straightforward place to find IASME approved Cyber Essentials and Cyber Essentials Plus Certifiers in the South East. These are recognised nationally as Trusted Partners.
The Cyber Resilience Centre for the South-East is modelled on a successful structured collaboration acclaimed by the National Police Chiefs’ Council (NPCC). It is part of a nationwide network of not for profit centres set up by the Home Office and Business Resilience International Management.
The Cyber Resilience Centre for the South-East provides free of charge membership and further paid membership opportunities. Membership is not just for IT or Tech companies – it is highly relevant and beneficial to all sizes and types of organisations.
Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. This service is made up of two parts; monitoring and vulnerability scanning.
Police CyberAlarm acts as a “CCTV camera” monitoring the traffic seen by a member’s connection to the internet. It will detect and provide regular reports of suspected malicious activity, enabling organisations to minimise their vulnerabilities. The data collected by the system does not contain any content of the traffic. The system is designed to protect personal data, trade secrets and intellectual property.
Members of Police CyberAlarm will become part of the wider UK cyber defence network, sharing collected data with Police for analysis at local, regional and national levels to identify trends, react to emerging threats and identify, pursue and prosecute cyber criminals.
Vulnerability Scanning can be added and used to scan an organisations website and external IP addresses, providing regular reports of all known vulnerabilities.
There is no charge from the Police to use this service.
Police CyberAlarm members install a CyberAlarm Virtual Server on their premises which will be used to collect and process traffic logs from their firewall/internet gateway. Police CyberAlarm Virtual Server is easy to install using the downloadable virtual appliance, offering one-click installation. The Virtual Server will run on low-specification hardware. While full installation instructions are provided, you may require technical support to configure the connection to your firewall. You will require a dedicated firewall appliance – all in one small business solutions may not have the capability of sending logs to the Virtual Server (or any log aggregation / SIEM solution).
Use SignUp code SEROCU to register:
Exercise in a Box
No cyber defence is 100% effective. Recognising that fact, and preparing for an incident in advance, is key to mitigating the impact – and may be what enables your business to survive.
Planning for incident response should be a continual and dynamic process. To get started, think about the incidents that might affect your business – ransomware, business e-mail compromise, Distributed Denial of Service (DDoS), malicious insider. You should develop individual responses (‘playbooks’) for each incident – and don’t forget, we are here to help.
The National Cyber Security Centre created ‘Exercise in a Box’ in response to feedback that conducting cyber drills was expensive and difficult. It is a free online cyber exercising tool which guides participants through different cyber incidents. This will allow you to test your response plans and develop their maturity.
If you’d like us to assist you in completing the exercises, either as observers or advisors, please get in touch:
Network Defenders – join CiSP!
CiSP is the Cyber security Information Sharing Partnership. CiSP is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and dynamic environment, increasing situational awareness and reducing the impact on UK business.
CiSP is a forum type platform separated into nodes based on geography, organisation type or threat type. Network Defenders, UK Government, the National Cyber Security Centre, ROCU Protect Network and Law Enforcement can share information promptly and securely
The Benefits of CiSP
- Engagement with industry and government counterparts in a secure environment
- Early warning of cyber threats
- Ability to learn from experiences, mistakes, successes of other users and seek advice
- An improved ability to protect their company network
- Access to free network monitoring reports tailored to your organisations’ requirements
To become a registered CiSP member you must be:
- A UK registered company or other legal entity which is responsible for the administration of an electronic communications network in the UK
- Sponsored by either a government department, existing CiSP member or a regional Cyber PROTECT police officer or industry champion.
In the meantime, if you are on Linkedin and Twitter, it’s worth connecting with SEROCU Cyber Protect to assist in this process.
Cyber Security Advice for Organisations
For guidance on improving the cyber security of your organisation, work through our summary:
Cyber Security & Privacy for Staff
For guidance for staff and individuals on staying secure online and maximising your online privacy, please go to our dedicated pages: