top of page

Financial and property sector: Would your staff recognise a cyber attack?

Cybersecurity is a growing concern across all industries, and the financial and property sectors are no exception. With the increasing reliance on technology, these industries are becoming more vulnerable to cyber-attacks, which can have devastating consequences.

hands typing on a laptop

Professional services are always a target to cyber criminals due to the valuable data they hold and the trust they have with clients. According to the Cyber Security Breaches Survey 2022, 54% of finance and insurance firms and 47% of admin/real estate firms have identified breaches or attacks in the last 12 months. A successful attack will cause reputational damage, financial implications, and a massive disruption to how those in the financial and property sector operate.


Phishing Attacks

The most popular type of cyber-attack in 2022 was phishing attacks. Phishing at its most basic is a cybercrime where targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.


According to recent research:

  • 1 in 3 employees are likely to click the links in phishing emails

  • 1 in 8 employees are likely to share information requested in a phishing email and finally

  • Over 45% of employees click emails they consider being suspicious “just in case it’s important”.

These statistics demonstrate just how critical it is to improve cyber security awareness in the financial and property sector.


Security Awareness Training

classroom of people looking towards the speaker

Here at the ECRC, we offer a number of affordable Cyber Security and Resilience Services that are designed to assist businesses and their staff to have the right strategies to respond to cyber incidents efficiently and migrate any potential damage a cyber-attack may create. Through Cyber PATH, local university students are trained and mentored by senior ethical hackers, to deliver all our services and to work with staff to build their cyber awareness, understand the latest cyber threats and secure the business’s online environment.


Your people can be your biggest asset and with our Security Awareness Training (SAT) they can become highly effective barriers to cybercrime. Our Awareness Training focuses on those with little or no cyber security or technical knowledge and is delivered in small, succinct modules, using real-world examples.


We tailor our Security Awareness Training to each individual audience to provide the right level of skills and context for your business. We can deliver training to any sized group, in-person, remote or a hybrid of the two.


The trainers are highly knowledgeable, personable, and friendly and pride themselves on providing the right environment for your people to feel comfortable and to ask questions. Below are testimonials from businesses who have already had our Awareness Training:


Testimonial 1

“The Cyber Path Student was a confident and knowledgeable presenter who put all attendees at ease and lead a thoroughly enjoyable and hugely useful and informative session. Time well spent!”


Testimonial 2

“Whole session was good-humoured, appropriately targeted (relevant), interactive - and had well-timed (and much appreciated!) breaks!”


Testimonial 3

“The student was a natural presenter, the session was fun and engaging with the right level of detail for the audience. She quickly built a rapport with the audience, delivered the content well and got the whole room discussing Cybersecurity early on. It was a great way to delivery cost effective Cyber Awareness training, build the knowledge within the staff and help them be more aware and more secure online. I’d definitely use CRC again to deliver additional Cyber Awareness training to my clients.”


The benefits of Security Awareness Training

For just a few hundred pounds, you can help to protect your business against a cyber-attack that ultimately could cost you thousands. Our Security Awareness Training covers a wide range of cyber security topics, including social engineering, ransomware, and phishing attacks. The training provides simple and effective knowledge for people to understand their environment and provides the confidence to challenge when something doesn’t look right. With the financial and property sector becoming a big target for cyber criminals, it is vital that your staff are aware of the potential risks and steps to protect themselves.


What’s next?

The impact of a successful attack against your website or network can be catastrophic and lead to website downtime, loss of data and permanent loss of reputation. But all is not lost.


Here at the centre, we would advise you to do three things now

  • Join our free core membership. Start implementing some simple changes now and start protecting your organisation, staff, customers, and supply chain.

  • Contact us to arrange a meeting to discuss providing Security Awareness Training for your company.

  • For all businesses across the Eastern region, we would recommend that you look at improving your overall cyber resilience and work towards achieving Cyber Essentials accreditation – the basic government backed kite mark standard for cyber security. And remember that a company operating under Cyber Essentials processes is 99% protected either fully or partially from today’s common cyber-attacks. Our free Little Steps course can help you understand what you need to do.

We are already working closely with hundreds of organisations across the seven counties to help them tackle the continually changing cyber threats that they face. So come and join our community as free members and let us help you protect your organisations from the ever presents threats out there in the cyber-verse.


Reporting a live cyber-attack 24/7

If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.


Reporting a cyber-attack which isn't ongoing

Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.


Report a phishing attack

If you suspect a phishing attack, please report it to the Suspicious Email Reporting Services (SERS) set up by the NCSC at: report@phising.gov.uk


Text messages can be forwarded to 7726


Comments


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page