Scottish companies could be put out of business if they don’t take the rising threat of cybercrime seriously.
That was the stark message to business bosses when Resilience, part of Annan-based Eco Group, marked Cyber Scotland Week by hosting a cyber security event for Scottish businesses and organisations.
There have been high profile cyber attacks in recent years on Scottish organisations such as on the Scottish Environmental Protection Agency (SEPA) in 2020, and on the NHS Dumfries and Galloway last year.
The number of attacks on public bodies in Scotland is also on the increase with 16 attacks in 2024, up more than 50 per cent on previous years, according to Scottish Government figures.
Resilience, which operates with an in-house team of cyber experts, pledges to bring a new approach to protect businesses and organisations from the fast-changing techniques used by criminals.
Without the latest protection businesses who fall prey to cyber criminals can at best have their operations suspended, costing them thousands and sometimes millions of pounds, at worst they can be shut down and put out of business completely.
SMEs are soft targets because their security is often weaker and they offer an easy way in to their supply chain for those seeking to disrupt operations and demand payments.
Those who attended the event at Easterbrook Hall, The Crichton Campus, Dumfries, heard that there are 2,300 substantial cyber attacks every day in the UK, with each breach having an average cost to business of £4.3m.
In the last 12 months, 39 per cent of UK companies have suffered a major cyber breach, and that number is rising fast.
Manufacturing companies, which often use legacy systems, are the businesses most frequently hit, accounting for 25.7 per cent of all sectors to be the victim of a cyber breach, followed by Finance (18.2 per cent); Energy (11.1 per cent); Retail (10.7 per cent); Health (6.3 per cent), Public Administration (4.3 per cent) and Education (2.8 per cent).
Hacking has now grown to a $12 trillion a year industry. Some hacking operations employ as many as 200 people with managers, developers, negotiators and even HR departments, operating like a legitimate business complete with targets and KPIs.
Ryan Moffat, head of Resilience, is a leading expert in his field. He has worked with Police Scotland as an ethical hacker, is a Cyber Essentials Ace Practitioner and has five years hands-on experience of working in industry.
As a graduate of one of the UK’s leading cyber security courses at Abertay University in Dundee, Ryan keeps up to date with all there is to know about the fast-evolving world of cybercrime from every angle – the criminal, the police, the business owner – and knows how best to defend businesses against it.
Ryan said: “State-sponsored cybercriminals from a range of countries want to disrupt operations in the UK. They will target any business with thousands of automated attacks in the hope of one getting through and giving them access into an organisation and all their data.
“I know of cases where businesses are receiving 10,000 phishing attacks every day.
“We are not talking big corporate organisations. We are talking small and medium sized operations because cyber criminals know these organisations are likely to have more weak spots in their defences.
“The criminals want to access as much information about you and your business as possible – who your customers are, who your suppliers are, they want to disrupt your entire operations.
“It only takes one person to click on a link and they are into your data and your systems with access to information on all your people and all your business connections.”
The absolute key for businesses is to not let the cyber criminals into their systems in the first place. To achieve that, not only must an organisation’s cyber security be watertight, but every person who works there must be trained to know when an email, a text, a social media message is safe, and when it’s a fraud.
That involves training every member of a team about the threats, what damage they can do, and crucially how to spot and prepare for AI, phishing and Multi Factor Authentication (MFA) attacks and prevent the cyber criminals from winning, which is where Resilience comes in.
“Every single person has a part to play in maintaining cyber security. It’s vital that everyone in an organisation knows what is safe and what isn’t,” said Ryan who brings the latest thinking and research to his role to help ensure businesses have the latest, most effective protection.
Helen Templeton, who has more than 20 years’ experience in the IT industry and is a lecturer at Dumfries and Galloway College, also brings her expertise to the Resilience team and was able to share her own experience with those at the event.
Drena Thomson, of Armstrong Group, speaking after the event, said: “I have attended four cyber events from different companies, but this one was very informative. It brought awareness of the new rules coming into place and information about AI. It wasn’t what I expected, it was engaging and different.”
Resilience is part of Eco Group which, led by founder and MD Eddie Black, specialises in Contract Manufacturing, Organic Brand Manufacturing, and Services to Manufacturing across a diverse range of industries.
From its impressive, self-built, 3,000-square-metre HQ in Annan, Eco companies offer an array of innovative products and services tailored to meet the needs of commercial, industrial, public sector, and residential customers throughout the UK.
Resilience will be holding a Cyber Resilience webinar on Thursday, March 13, 10am-11am. https://www.eventbrite.co.uk/e/cyber-resilience-q-a-cafe-tickets-1264122326909?aff=oddtdtcreator
https://www.integrityoffice.co.uk/resillence
