Our latest cyber security roundup features news that NHS Greater Manchester Shared Services has received an international security standard and data from Microsoft suggests there are changing attitudes towards cyber following the Covid-19 pandemic. 

NHS Greater Manchester Shared Services awarded international security standard

NHS Greater Manchester Shared Services (GMSS) has been awarded the international information security standard ISO 27001.

GMSS is one of the first NHS organisations to be awarded the world-recognised best practice information security standard. Achieving ISO 27001 demonstrates the importance the organisation puts on protecting vital customer and patient information from a wide range of cyber threats that can lead to data loss.

Phil Scott, GMSS IT security manager, said: “There have been a number of major data breaches in the healthcare industry, which highlighted the vulnerability of the NHS to cyber-attacks. We wanted to reassure our customers that we are committed to keeping data safe and leading the way in cyber security, so ISO 27001 certification was the clear choice.”

ISO 27001 functions as a framework for an organisation’s information security management system. It provides assurance that there are measures being taken to ensure that information is saved and shared as safely as possible. The standard takes GMSS beyond national NHS information security requirements and has already demonstrated its value during the Covid-19 crisis.

Microsoft data suggests changing attitudes towards cyber 

New data from Microsoft has suggested the pandemic has helped to accelerate the digital transformation of cyber-security.

The data has shown that 58% of respondents said they have increased their security budgets during the pandemic while 82% said they plan on adding security staff.

Furthermore, Microsoft Threat Intelligence teams reported a spike in Covid-19 attacks in early March as cyber-criminals applied pandemic themed lures to known scams and malware.

Business leaders have also reported phishing threats as the biggest risk to security in that same timeframe, with 90% of indicating that phishing attacks have impacted their organisation.

Covid-19 exposes UK’s cyber security vulnerabilities

Findings from a new report have suggested SMEs in the UK are at risk of 65,000 cyber security attacks daily – with around 4,500 of these being successful.

The findings come from a new report by global recruiter Robert Walters and data provider VacancysoftCybersecurity: Building Business Resilience – which claims that the cost of data breaches to UK companies is around £2.48 million per instance.

Darius Goodarzi, principle of information security and IT risk at Robert Walters, said: “The tech industry has set the tone, with brands such as Apple and Whatsapp putting security at the centre of their marketing message.

“For e-commerce, on the other hand, the pace at which the sector grew during Covid-19 raises questions as to whether their cyber security has been up to par with the sharp increase in traffic to online sites.

“With consumers being hyper-sensitive about their personal information in a rapidly evolving digital world, e-commerce sites cannot afford to lose the trust of customers in what is becoming a very competitive space.”

Tens of thousands of malicious emails reported to NHS in one month

An FOI request from think tank, Parliament Street, revealed the NHS received nearly 30,000 malicious emails in March and April 2020.

Some 21,188 malicious emails were reported to the official NHSmail reporting address between 1 and 31 March, 8,085 during April before beginning to decline with 5,883 in May, 6,468 in June and 1,484 in the first two weeks of July.