• Percentage of businesses experiencing cyber breaches or attacks drops from 43% to 32%.
• New laws to strengthen data protection have had a positive impact on cyber security.
• Businesses and charities urged to train more people to help manage cyber risks.

New statistics from the Department for Digital, Culture, Media and Sport (DCMS) have shown a reduction in the percentage of businesses suffering a cyber breach or attack in the last year.

The 2019 Cyber Security Breaches Survey shows that 32% of businesses identified a cyber security attack in the last 12 months – down from 43% the previous year.

The reduction is partly due to the introduction of tough new data laws under the Data Protection Act and the General Data Protection Regulations (GDPR). 30% of businesses and 36% of charities have made changes to their cyber security policies and processes as a result of GDPR coming into force in May 2018.

However, of those businesses that did suffer attacks, the typical median number of breaches has risen from 4 in 2018 to 6 in 2019. Therefore, businesses and charities suffering cyber attacks and breaches appear to be experiencing more attacks than in previous years.

Where a breach has resulted in a loss of data or assets, the average cost of a cyber attack on a business has gone up by more than £1,000 since 2018 to £4,180. Business leaders are now being urged to do more to protect themselves against cybercrime.

The most common breaches or attacks were phishing emails, followed by instances of others impersonating their organisation online, viruses or other malware including ransomware.

Digital Minister Margot James said:

Following the introduction of new data protection laws in the UK it’s encouraging to see that business and charity leaders are taking cyber security more seriously than ever before. However, with less than three in ten of those companies having trained staff to deal with cyber threats, there’s still a long way to go to make sure that organisations are better protected.

We know that tackling cyber threats is not always at the top of business and charities list of things to do, but with the rising costs of attacks, it’s not something organisations can choose to ignore any longer.

Through the CyberFirst programme, the Government is working with industry and education to improve cyber security and get more young people interested in taking up a career in cyber. The Cyber Discovery initiative has already encouraged 46,000 14 to 18 year olds to get on a path towards the cyber security profession, over 1,800 students have attended free CyberFirst courses and nearly 12,000 girls have taken part in the CyberFirst Girls competition. The Government’s initial Cyber Skills Strategy, published in December, will be followed by a full strategy later this year.

Business and charity leaders are being encouraged to download the free small business guide and free small charity guide to help make sure that they don’t fall victim to cyber attacks. This is available through the National Cyber Security Centre (NCSC).

Clare Gardiner, Director of Engagement at the NCSC, said:

We are committed to making the UK the safest place to live and do business online, and welcome the significant reduction in the number of businesses experiencing cyber breaches.

However, the cyber security landscape remains complex and continues to evolve, and organisations need to continue to be vigilant.

The NCSC has a range of products and services to assist businesses, charities and other organisations to protect themselves from cyber attacks, and to deal with attacks when they occur. These include the Board Toolkit providing advice to Board level leaders, and guides aimed at small businesses and small charities.

The threat of cyber attacks remains very real and widespread in the UK. The figures published today also show that 48% of businesses and 39% of charities who were breached or attacked, identified at least one breach or attack every month.

Cyber security is becoming more of a priority issue, especially for charities. Those charities who treated cyber security as a high priority has gone up to 75% in 2019, compared with just 53% the year before, and is now at the same level as businesses.

Small businesses and charities are being urged to take up tailored advice from the National Cyber Security Centre. All businesses should consider adopting the Ten Steps to Cyber Security, which provides a comprehensive approach to managing cyber risks. Implementation of the 10 Steps will help organisations reduce the likelihood and cost of a cyber attack or cyber related data breach.

Organisations can also raise their basic defences by enrolling on the Cyber Essentials initiative and following the regularly updated technical guidance on Cyber Security Information Sharing Partnership available on the NCSC website.

ENDS

Notes to editors:

The annual Cyber Security Breaches survey is part of the Government’s National Cyber Security Strategy, which is investing £1.9 billion over five years to make the UK the safest place to live and work online.

The survey builds on the ongoing programme of Government action on cyber security, which has recently included the publication of the NCSC “Board Toolkit”, the publication of the Cyber Health Check for FTSE350 companies, a series of Ministerial roundtables with leading UK companies, and the Cyber Aware campaign for small businesses and the public.

Businesses and charities can protect themselves online using the practical guidance offered by the National Cyber Security Centre, such as the Cyber Security Guide for Small Businesses and the Cyber Security Guide for Small Charities.

The Cyber Security Breaches Survey 2019 was carried out for DCMS by Ipsos MORI, in partnership with the Institute for Criminal Justice Studies at the University of Portsmouth.

The survey methodology consists of a random probability telephone survey of 1,566 UK businesses (excluding agriculture, forestry and fishing businesses) and 514 UK registered charities undertaken from 10 October 2018 to 20 December 2018. The data have been weighted to be statistically representative of these two populations. In addition, a total of 52 in-depth interviews with survey participants, were undertaken during January and February 2019, to gain further qualitative insights.

The Cyber Security Breaches Survey is an Official Statistic and has been produced to the standards set out in the Code of Practice for Statistics.

A Charity Commission inquiry into a Birmingham-based charity has found that its former trustees repeatedly failed in their duties to administer and manage the charity. The Commission’s investigation into Bethel United Church of Jesus Christ Apostolic UK has ensured that the charity has filed all its accounts, resulting in £1.2million of charitable funds being publicly accounted for.

The Commission opened its inquiry in March 2017 after the trustees repeatedly failed to submit mandatory annual financial information despite regulatory advice that was provided previously. The charity has been subject to previous regulatory engagement. This included a compliance case after a significant amount of funds were misappropriated by a then trustee, and the Commission’s double defaulters class inquiry in 2016 after former trustees failed to file the charity’s annual financial information for over five consecutive years.

The inquiry found the former trustees responsible for misconduct and mismanagement in the administration of the charity. This included a failure to manage the charity’s funds appropriately. In addition to defaulting on repayments on debts amounting to £1.2 million, the trustees failed to manage conflicts of interest in relation to transactions between the charity and a Birmingham based bakery where a former trustee was a majority stakeholder. During the financial year ending 2014 this resulted in a debt of £23,000 being owed to the charity. Those funds were subsequently repaid and the trustee involved resigned.

The former trustees also failed to fulfil a number of their legal duties. Despite receiving guidance on this from a previous inquiry, the trustees again failed to file the charity’s annual financial information on time. There was also an absence of a full board of trustees, as required in the charity’s governing document, to manage the charity effectively.

As a result, the Commission has issued an action plan to the charity’s new trustees setting out steps which the inquiry considered necessary in resolving the issues of concern.

The Commission will be monitoring the new trustees’ compliance with the plan, and says it will consider further enforcement action against the charity and/ or the new trustees should they not comply with the plan.

Harvey Grenville, Head of Investigations at the Charity Commission said:

“It is unacceptable that this charity has repeatedly found itself subject to regulatory scrutiny. The former trustees failed to meet the expectations of the public and the charity’s beneficiaries in terms of transparency, accountability and the careful stewardship of charitable funds.

“I expect the new board of trustees to continue making good progress, thereby returning the charity to a sounder footing.

“The public deserve to be able to understand how their donations are being spent, and see clearly that they go towards their intended causes. As a result of our inquiry significant charitable funds are now accounted for.”

The full report of the inquiry is available on GOV.UK

Ends

Notes to Editors

• The Charity Commission is the independent regulator of charities in England and Wales
• The Commission’s inquiry into Bethel United Church of Jesus Christ Apostolic UK closed on 3 April 2019
• During the course of the investigation, one trustee passed away and one resigned. The remaining trustees were replaced by the current board of trustees who were appointed in December 2017.
• Trustees of charities with an income over £25,000 have a legal duty to submit annual returns, reports and accounting documents to the Commission. Charities with an income of over £10,000 must submit a full annual return.

Natural England is calling on the public to donate to their campaign to raise money to purchase and restore one hectare of land on the edge of Stiperstones National Nature Reserve (NNR) called Windy Corner.

Stiperstones NNR in Shropshire is famous for its wild and atmospheric landscape and nationally significant geology. The restoration and purchasing of Windy Corner is one more step towards our vision of creating a continuous heathland along the entire 10km of the Stiperstones ridge, allowing an emperor moth caterpillar to be able to crawl from one end of this iconic upland landscape to the other.

Once restored, there will be a carpet of purple heather, whinberries and cowberries which will attract lots of invertebrates such as green tiger beetle, emperor moth and green hairstreak butterfly. The charming birdsong of skylark, stonechat and cuckoo will also fill the air.

Windy corner, located near Shropshire Way walking path, will be restored to heathland as another step towards realising the ‘Back to Purple’ vision. We hope the restoration will also increase public enjoyment of the reserve as the land will have open access and add to the area of heathland enjoyed by the visitors to the National Nature Reserve. The public will also have opportunities to participate in, and contribute to, the restoration through a seed spreading volunteer activity, and opportunities for schools to do research projects

Natural England’s Area Manager Emma Johnson says:

We have a great opportunity here to increase the area of heathland, adding to the iconic Stiperstones landscape. Through the generosity of people, both donations and help from volunteers we will be able to provide yet more fantastic habitat for nature in Shropshire, which people will be able to enjoy for generations to come.

Our aim is to raise £10,000 to purchase Windy Corner and restore the heathland using seeds harvested from the nature reserve. Once the heath is established and thriving, it will be lightly grazed with conservation grazing animals.

Simon Cooter, Senior Reserve Manager for Natural England’s Stiperstones NNR says:

Public support will really help us in reaching our long awaited dream of having purple heather covered hills stretching along the whole of the Stiperstones ridge. It has been twenty years since the first gains and we can almost reach across the gaps that are left.

To support our campaign please make a donation here

At about 11:58 hrs on Wednesday 13 March 2019, a concrete delivery lorry became temporarily trapped by a lowering barrier on an automatic half barrier level crossing at Mucking, Essex. Shortly afterwards, the lorry reversed off the crossing about six seconds before a passenger train crossed it.

The train formed the 11:11 hrs London Fenchurch Street to Southend Central service and was travelling at about 56 mph (90 km/h) around the curved approach to the level crossing when the driver saw the lorry reversing away from the railway. The train driver did not apply the brake. The maximum permitted speed at this location is 60 mph (97 km/h).

The lorry drove onto the crossing just before the barriers began to lower and then stopped on the crossing, before reversing in order to enter a nearby construction site. It stopped reversing after a barrier lowered onto it, and then remained stationary for about eight seconds until construction site staff manually lifted the barrier. The lorry then continued to reverse off the crossing. Work at the construction site was being undertaken by contractors working for Network Rail on a project to upgrade the railway power supply between London and Southend.

Our investigation will seek to identify the sequence of events which led to the incident and will consider:

• the actions of the lorry driver and construction site team, particularly their awareness of the level crossing and its operating characteristics
• the project team’s awareness and mitigation of risks associated with working near level crossings
• any underlying management factors

Our investigation is independent of any investigation by the railway industry, or the Office of Rail and Road.

We will publish our findings, including any safety recommendations, at the conclusion of our investigation; these will be available on our RAIB website.

You can subscribe to automated emails notifying you when we publish our reports.

We know information about careers in the Civil Service is often disconnected and hard to find, which makes it difficult for people to learn about careers across the organisation, and to find the right job or next move for them.

So, over the last 4 months, we’ve been working with colleagues across government to develop a VOA page on the Civil Service Careers website. This site is a ‘one stop shop’ for government departments which will enable us, to improve the diversity of our workforce further, and realise our vision of being a Brilliant Civil Service department.

Our page gives potential applicants a positive, honest, reliable and relatable insight into working for the Agency. It aims to inform and inspire, and is designed to engage a diverse audience through showcasing our people, culture and values.

Take a look at the site and tell us what you think. Also, feel free to share the site with friends and family, so they can learn about the VOA too.