Report on cyber security in UK businesses makes for depressing reading, but the real problem could be much worse

A cyber-security survey carried out by Ipsos Mori has revealed almost half of UK businesses were attacked by cyber criminals in the past 12 months.

The survey commissioned by the UK government’s Department for Culture, Media and Sport found that overall 46% of all UK businesses identified at least one cyber-security breach or attack in the last 12 months – the number of identified attacks rises to two-thirds among medium-sized firms (66%) and large firms (68%).

Although these figures are alarming, cyber-security experts say these figures only account for known breaches.

In reality the examples of cyber attacks might be even higher than figures show.

“This is probably an underestimate if anything. Two reasons for this, firstly, this assumes they even know they have been hit, secondly people are more likely to under-report,” said Anton Grashion, managing director of security practice at software firm Cylance.

“Evidence of our testing when we run a proof of concept with prospective customers is that we almost invariably discover active malware on their systems, so it’s the unconscious acceptance of risk that plagues both large and small businesses.”

Among the 46% of businesses that detected breaches in the last 12 months, Ipsos Mori’s survey found that the average business faced costs of £1,570 as a result.

However, this figure is much higher for the average large firm, at £19,600, though the average medium firm (£3,070) and micro and small firms (£1,380) also incured sizeable costs.

“Many businesses still remain unprepared for a cyber attack because it’s difficult to prepare for something you don’t understand, can’t visualise, and haven’t experienced,” said Paul Edon, director at security firm Tripwire.

“The dynamic nature of cyber attacks often makes it hard to pinpoint a root cause, so executives with a desire to prepare are faced with choices, rather than clear actions to fund.”

Image courtesy of Fabio Lanari

The survey found only a quarter (26%) of surveyed companies reported their most disruptive breaches externally to anyone other than a cyber security provider.

The findings suggest that some businesses lack awareness of who to report to, why to report breaches and what reporting achieves.

In addition to not knowing where to report attacks, companies also claim they are unsure of where to obtain advice on how to prevent cyber attacks.

While 58% of businesses have sought information, advice or guidance on the cyber security threats facing their organisations over the past year, only 4% had consulted government or other public sector sources such as the police or regulators.

“British business need to realise there is an entire global cyber criminal economy that out earns the illegal drug industry in terms of revenue.

“Cyber programs need to wake up and adapt into a detect and response approach that places equal investments in prevention as it does detection of hackers,” said Paul Calatayud, chief technology officer at security company FireMon.

The full Cyber Security Breaches Survey is available here.

DJI’s First Drone Arena in Tokyo to Open This Saturday

Consumer drone giant DJI will open its first Japanese drone arena in the city of Tokyo this Saturday, providing a space for both hardened professionals and curious newcomers to hone their flying skills.

The arena, which covers an area of 535 square metres, will not only include a large flying area complete with obstacles, but also offer a store where visitors can purchase the latest DJI drones and a technical support area where drone owners can get help with quadcopter issues.

The hope is that the arena will allow those who are curious about the technology but currently lack the space to try it out to get involved.

“As interest around our aerial technology continues to grow, the DJI Arena concept is a new way for us to engage not just hobbyists but also those considering this technology for their work or just for the thrill of flying,” said Moon Tae-Hyun, DJI’s director of brand management and operations.

“Having the opportunity to get behind the remote controller and trying out the technology first hand can enrich the customer experience. When people understand how it works or how easy it is to fly, they will discover what this technology can do for them and see a whole new world of possibilities.”

Images courtesy of DJI

In addition to its general sessions, which will allow members of the public to drop by and try their hand at flying drones, the arena will also offer private hire, including corporate events. For some companies, then, drone flying could become the new golf.

There will also be regular events, allowing pros to compete against one another, and drone training, in the form of DJI’s New Pilot Experience Program, for newcomers.

The arena has been launched in partnership with Japan Circuit, a developer of connected technologies, including drones.

“We are extremely excited to partner with DJI to launch the first DJI Arena in Japan,” said Tetsuhiro Sakai, CEO of Japan Circuit.

“Whether you are a skilled drone pilot or someone looking for their first drone, we welcome everyone to come and learn, experience it for themselves, and have fun. The new DJI Arena will not only serve as a gathering place for drone enthusiasts but also help us reach new customers and anyone interested in learning about this incredible technology.”

The arena is the second of its kind to be launched by DJI, with the first located in Yongin, South Korea, and detailed in the video above. .

Having opened in 2016, the area has attracted visitors from around the world, demonstrating serious demand for this type of entertainment space.

If the Tokyo launch goes well, it’s likely DJI will look at rolling out its arena concept to other cities, perhaps even bringing the model to the US and Europe.

For now, however, those who are interested can book time at the Tokyo arena here.

Commercial Human Spaceflight Advances Prompt Calls for Space Safety Institute

Commercial human spaceflight has been a long-held dream, but now it is finally poised to become a reality. Companies including Virgin Galactic and SpaceX are inching ever closer to taking private citizens into space, and there are serious plans for spaceports in several parts of the world, including Hawaii, the US, and Scotland, the UK.

But while the industry is advancing, the legal side of this fledgling commercial space industry remains underdeveloped, leading to calls for the development of an organisation to establish a framework for the safe operation of spaceports for human commercial spaceflights.

Writing in the journal New Space, Mclee Kerolle, from the United States International Institute of Space Law in Paris, France, has proposed the establishment of a Space Safety Institute recognised by the US congress and the United Nations.

This institute would “develop, enforce and adopt standards of excellence”, allowing the industry to develop while protecting it from liability and insurance risks.

“Currently, no international regulatory body exists to regulate the operation of spaceports,” he wrote. “This is unfortunate because while the advent of commercial human spaceflight industry is imminent, a majority of the focus from the legal community will be on regulating spaceflights and space access vehicles.

“However, the regulation of spaceports should be viewed in the same light as the rest of the commercial human spaceflight industry.”

The article focuses particularly on the establishment of a spaceport at the Kona International Airport in Keahole, Hawaii. At present, the spaceport’s development is subject to regulation by the Federal Aviation Authority, however there are aspects to spaceport development that do not apply to conventional aviation operations.

A spacesuit design for commercial flights developed by SpaceX. Featured image: SpaceX’s proposed spaceport for its conceptual interplanetary transport system. All images courtesy of SpaceX

The institute would be designed to first and foremost ensure safety within the industry, so it would be important, according to Kerolle, to ensure it was made up of individuals with expertise in the field, rather than bureaucrats.

“To make sure that this flexibility is inherent in a Space Safety Institute, the organization should be composed of individuals within the industry as opposed to government officials who are not familiar with the commercial human spaceflight industry,” he wrote.

“As a result, this should protect the commercial human spaceflight industry to some liability exposure, as well as promote growth in the industry to ensure the industry’s survival.”