UK urged to prioritise employee training for cyber defence

Security experts highlight the increasing threat of cyber-attacks from hostile states and underscore the importance of a robust information governance framework.

The United Kingdom is reportedly underestimating the potential risks posed by sophisticated cyber-attacks originating from state actors and organised gangs. Monika Sobiecki, a Media and Information Law Partner at Bindmans, issues this warning.

Monika Sobiecki emphasised the critical role of employees in safeguarding public and private sector organisations against cyber threats. "As public and private sector organisations are hit with an increasing volume of sophisticated cyber-attacks from hostile state actors, their employees will remain the crucial front line of defence—or potential attack surface," she stated.

Sobiecki further highlighted the significance of staff training on cybersecurity awareness. She explained that training employees to identify social engineering attempts and effectively handle incident responses can be more beneficial than solely investing in advanced cyber products.

"Ensuring that staff receive regular cyber security awareness training, for example in spotting attempts at social engineering and in dealing with incident response, as well as having a robust information governance framework, are just as if not more valuable than buying an expensive off-the-shelf AI-enabled cyber product," Sobiecki added.

With cyber-attacks becoming increasingly sophisticated, organisations need to adopt comprehensive measures that involve not only technological solutions but also strategic training and information governance.